Dobrý den, mohli by jste mi prosím preventivně projet logy? Počítač se mi začal zvláštně škubat, občas na vteřinku se tak sekne zvuk, myš, prostě komplet pc a začalo to až dnes. Děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by Arcane at 2013-04-06 02:49:16
Microsoft Windows 7 Professional N Service Pack 1
System drive C: has 12 GB (14%) free of 88 GB
Total RAM: 8136 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:49:22, on 6.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe
C:\Program Files\trend micro\Arcane.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8900 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Windows\System32\StikyNot.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k defragsvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Opera x64\opera.exe"
"C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe" -newprocess "520 2 0 1 4" -logfolder "C:\Users\Arcane\AppData\Local\Opera\Opera x64\logs"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\dfrgui.exe" /defrag \\?\Volume{c1814ac4-7e22-11e2-87a2-806e6f6e6963}\
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe" -Xmx512m -Dsun.java2d.d3d=false -jar "C:\Program Files (x86)\JDownloader\JDownloader.jar"
"C:\Users\Arcane\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-07 551840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-07 209824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2010-04-28 307768]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-28 172168]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-28 400008]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-28 441992]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-02-28 18642024]
"AdobeBridge"= []
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2013-01-10 8378408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2012-10-17 684024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify]
C:\Program Files (x86)\Connectify\Connectify.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-14 2255360]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-12 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3acm"=l3codeca.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2013-04-06 02:49:16 ----D---- C:\rsit
2013-04-06 02:49:16 ----D---- C:\Program Files\trend micro
2013-04-03 16:13:28 ----D---- C:\Users\Arcane\AppData\Roaming\abgx360
2013-04-03 15:58:32 ----D---- C:\Program Files (x86)\abgx360
2013-04-03 12:08:46 ----D---- C:\ProgramData\ATI
2013-04-03 12:02:26 ----D---- C:\Program Files (x86)\AMD AVT
2013-04-03 11:56:39 ----A---- C:\Windows\system32\igfxtray.exe
2013-04-03 11:56:39 ----A---- C:\Windows\system32\igfxTMM.dll
2013-04-03 11:56:39 ----A---- C:\Windows\system32\igfxsrvc.exe
2013-04-03 11:56:38 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2013-04-03 11:56:38 ----A---- C:\Windows\SYSWOW64\igfxdv32.dll
2013-04-03 11:56:38 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2013-04-03 11:56:38 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2013-04-03 11:56:38 ----A---- C:\Windows\system32\igfxpers.exe
2013-04-03 11:56:38 ----A---- C:\Windows\system32\igfxext.exe
2013-04-03 11:56:38 ----A---- C:\Windows\system32\igfxexps.dll
2013-04-03 11:56:38 ----A---- C:\Windows\system32\igfxdo.dll
2013-04-03 11:56:38 ----A---- C:\Windows\system32\IGFXDEVLib.dll
2013-04-03 11:56:38 ----A---- C:\Windows\system32\igfxcmrt64.dll
2013-04-03 11:56:38 ----A---- C:\Windows\system32\igfxcmjit64.dll
2013-04-03 11:56:38 ----A---- C:\Windows\system32\igfx11cmrt64.dll
2013-04-03 11:56:37 ----A---- C:\Windows\SYSWOW64\igfx11cmrt32.dll
2013-04-03 11:56:35 ----A---- C:\Windows\system32\drivers\igdpmd64.sys
2013-04-03 11:56:35 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2013-04-03 11:56:33 ----A---- C:\Windows\SYSWOW64\igdde32.dll
2013-04-03 11:56:33 ----A---- C:\Windows\system32\igdde64.dll
2013-04-03 11:56:32 ----A---- C:\Windows\SYSWOW64\igd10umd32.dll
2013-04-03 11:56:31 ----A---- C:\Windows\system32\ig4icd64.dll
2013-04-03 11:56:30 ----A---- C:\Windows\SYSWOW64\ig4icd32.dll
2013-04-03 11:56:30 ----A---- C:\Windows\system32\hkcmd.exe
2013-04-03 11:56:30 ----A---- C:\Windows\system32\GfxUI.exe
2013-04-03 11:56:30 ----A---- C:\Windows\system32\gfxSrvc.dll
2013-04-03 11:56:29 ----A---- C:\Windows\system32\difx64.exe
2013-04-03 11:56:20 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2013-04-03 11:56:19 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2013-04-03 11:56:11 ----A---- C:\Windows\system32\atiesrxx.exe
2013-04-03 11:56:11 ----A---- C:\Windows\system32\atieclxx.exe
2013-04-03 11:56:11 ----A---- C:\Windows\system32\atiapfxx.exe
2013-04-03 11:56:10 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2013-04-03 11:56:10 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2013-04-03 11:56:10 ----A---- C:\Windows\system32\atiumd6a.dll
2013-04-03 11:56:09 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2013-04-03 11:56:09 ----A---- C:\Windows\system32\atitmm64.dll
2013-04-03 11:56:08 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2013-04-03 11:56:08 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2013-04-03 11:56:08 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2013-04-03 11:56:08 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2013-04-03 11:56:08 ----A---- C:\Windows\system32\atio6axx.dll
2013-04-03 11:56:08 ----A---- C:\Windows\system32\atimuixx.dll
2013-04-03 11:56:08 ----A---- C:\Windows\system32\atimpc64.dll
2013-04-03 11:56:08 ----A---- C:\Windows\system32\atig6txx.dll
2013-04-03 11:56:08 ----A---- C:\Windows\system32\atig6pxx.dll
2013-04-03 11:56:08 ----A---- C:\Windows\system32\atiedu64.dll
2013-04-03 11:56:08 ----A---- C:\Windows\system32\amdpcom64.dll
2013-04-03 11:56:07 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2013-04-03 11:56:07 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2013-04-03 11:56:07 ----A---- C:\Windows\system32\aticalrt64.dll
2013-04-03 11:56:06 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2013-04-03 11:56:06 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2013-04-03 11:56:06 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2013-04-03 11:56:06 ----A---- C:\Windows\system32\aticaldd64.dll
2013-04-03 11:56:06 ----A---- C:\Windows\system32\aticalcl64.dll
2013-04-03 11:56:05 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2013-04-03 11:56:05 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2013-04-03 11:56:05 ----A---- C:\Windows\system32\coinst_9.012.dll
2013-04-03 11:56:05 ----A---- C:\Windows\system32\atidemgy.dll
2013-04-03 11:56:05 ----A---- C:\Windows\system32\atiadlxx.dll
2013-04-03 11:56:04 ----A---- C:\Windows\system32\atiicdxx.dat
2013-04-02 21:37:35 ----D---- C:\Users\Arcane\AppData\Roaming\ATI
2013-04-02 21:34:07 ----D---- C:\ProgramData\AMD
2013-04-02 21:33:44 ----D---- C:\Program Files\Common Files\ATI Technologies
2013-04-02 21:30:45 ----D---- C:\Program Files (x86)\ATI Technologies
2013-04-02 21:30:41 ----D---- C:\Program Files\ATI
2013-04-02 21:30:09 ----D---- C:\Program Files\ATI Technologies
2013-04-02 21:29:40 ----A---- C:\Windows\system32\IntcDAuC.dll
2013-04-02 21:29:40 ----A---- C:\Windows\system32\drivers\IntcDAud.sys
2013-04-02 21:29:36 ----A---- C:\Windows\SYSWOW64\IntelCpHeciSvc.exe
2013-04-02 21:29:32 ----A---- C:\Windows\system32\igdumd64.dll
2013-04-02 21:29:09 ----A---- C:\Windows\system32\atibtmon.exe
2013-04-02 21:29:08 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2013-04-02 21:29:08 ----A---- C:\Windows\system32\atiuxp64.dll
2013-04-02 21:29:07 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2013-04-02 21:29:07 ----A---- C:\Windows\system32\atiumd64.dll
2013-04-02 21:29:07 ----A---- C:\Windows\system32\atiu9p64.dll
2013-04-02 21:29:05 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2013-04-02 21:29:05 ----A---- C:\Windows\system32\atidxx64.dll
2013-04-02 21:29:05 ----A---- C:\Windows\system32\aticfx64.dll
2013-04-02 21:29:00 ----D---- C:\Drivers
2013-04-02 21:29:00 ----A---- C:\Windows\SYSWOW64\ativvsvl.dat
2013-04-02 21:29:00 ----A---- C:\Windows\SYSWOW64\ativvsva.dat
2013-04-02 21:29:00 ----A---- C:\Windows\SYSWOW64\atipblag.dat
2013-04-02 21:29:00 ----A---- C:\Windows\system32\ativvsvl.dat
2013-04-02 21:29:00 ----A---- C:\Windows\system32\ativvsva.dat
2013-04-02 21:29:00 ----A---- C:\Windows\system32\ativvaxy_cik_nd.dat
2013-04-02 21:29:00 ----A---- C:\Windows\system32\ativvaxy_cik.dat
2013-04-02 21:29:00 ----A---- C:\Windows\system32\atipblag.dat
2013-04-01 18:36:43 ----D---- C:\Users\Arcane\AppData\Roaming\XnView
2013-04-01 18:36:25 ----D---- C:\Program Files\gs
2013-03-30 22:29:32 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-30 22:29:32 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-30 17:38:53 ----D---- C:\Program Files\uTorrent
2013-03-30 17:37:58 ----D---- C:\Users\Arcane\AppData\Roaming\uTorrent
2013-03-26 10:53:36 ----D---- C:\ProgramData\Cisco
2013-03-26 10:53:36 ----D---- C:\Program Files (x86)\Cisco
2013-03-22 17:36:36 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-17 15:28:40 ----D---- C:\Program Files (x86)\TeamViewer
2013-03-16 15:39:49 ----D---- C:\ProgramData\ManyCam
2013-03-16 15:39:48 ----D---- C:\Users\Arcane\AppData\Roaming\ManyCam
2013-03-16 15:39:45 ----A---- C:\Windows\system32\drivers\mcvidrv_x64.sys
2013-03-16 15:39:07 ----D---- C:\ProgramData\Temp
2013-03-16 15:39:07 ----D---- C:\Program Files (x86)\ManyCam
2013-03-15 21:03:38 ----D---- C:\Users\Arcane\AppData\Roaming\TeamViewer
2013-03-14 11:38:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 11:38:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 11:38:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 11:38:30 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 11:38:30 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 11:38:30 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 11:38:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 11:38:29 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 11:38:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 11:38:29 ----A---- C:\Windows\system32\url.dll
2013-03-14 11:38:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 11:38:28 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 11:38:28 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 11:38:28 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 11:38:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 11:38:26 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 11:38:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 11:38:26 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 11:38:26 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 11:38:26 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 11:38:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 11:38:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 11:38:25 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 11:38:25 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 11:38:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 11:38:22 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 11:38:21 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 11:38:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-07 13:33:01 ----A---- C:\Windows\system32\javaws.exe
2013-03-07 13:32:56 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-03-07 13:32:56 ----A---- C:\Windows\system32\javaw.exe
2013-03-07 13:32:56 ----A---- C:\Windows\system32\java.exe
======List of files/folders modified in the last 1 month======
2013-04-06 02:49:17 ----D---- C:\Windows\Temp
2013-04-06 02:49:16 ----RD---- C:\Program Files
2013-04-06 02:42:40 ----D---- C:\Windows\system32\config
2013-04-06 02:36:06 ----D---- C:\Users\Arcane\AppData\Roaming\Skype
2013-04-06 02:35:14 ----D---- C:\Windows\System32
2013-04-06 02:35:14 ----D---- C:\Windows\inf
2013-04-06 02:35:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-06 02:31:10 ----A---- C:\Windows\SYSWOW64\log.txt
2013-04-06 02:28:44 ----D---- C:\Windows
2013-04-06 02:28:38 ----RD---- C:\Program Files (x86)
2013-04-06 02:27:08 ----HD---- C:\ProgramData
2013-04-06 02:27:07 ----D---- C:\Windows\system32\DriverStore
2013-04-06 02:27:07 ----D---- C:\Windows\system32\catroot
2013-04-06 01:56:44 ----D---- C:\Windows\system32\drivers\etc
2013-04-05 23:33:11 ----D---- C:\Windows\Prefetch
2013-04-05 20:19:27 ----D---- C:\Users\Arcane\AppData\Roaming\Winamp
2013-04-05 13:47:42 ----SHD---- C:\System Volume Information
2013-04-05 01:17:26 ----D---- C:\Program Files\Opera x64
2013-04-05 01:17:26 ----D---- C:\Program Files (x86)\Opera x64
2013-04-03 21:32:40 ----D---- C:\Windows\system32\Tasks
2013-04-03 21:22:57 ----D---- C:\Users\Arcane\AppData\Roaming\Media Player Classic
2013-04-03 15:58:32 ----D---- C:\Windows\SysWOW64
2013-04-03 12:06:28 ----SHD---- C:\Config.Msi
2013-04-03 12:02:27 ----SHD---- C:\Windows\Installer
2013-04-03 12:00:29 ----D---- C:\Windows\system32\catroot2
2013-04-03 12:00:18 ----D---- C:\Windows\system32\drivers
2013-04-02 21:33:44 ----D---- C:\Program Files\Common Files
2013-04-02 21:33:44 ----D---- C:\Program Files (x86)\Common Files
2013-04-02 21:23:44 ----D---- C:\Windows\rescache
2013-04-02 21:23:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-02 21:23:29 ----D---- C:\Windows\system32\cs-CZ
2013-04-02 19:26:19 ----SD---- C:\Users\Arcane\AppData\Roaming\Microsoft
2013-04-01 18:41:53 ----D---- C:\Users\Arcane\AppData\Roaming\DAEMON Tools Lite
2013-04-01 18:41:52 ----D---- C:\Windows\Minidump
2013-04-01 18:40:12 ----D---- C:\Program Files\CCleaner
2013-03-30 22:31:05 ----SD---- C:\ProgramData\Microsoft
2013-03-26 10:11:14 ----D---- C:\Windows\system32\NDF
2013-03-23 04:16:57 ----D---- C:\Windows\winsxs
2013-03-20 12:27:37 ----D---- C:\Users\Arcane\AppData\Roaming\TS3Client
2013-03-20 12:27:35 ----D---- C:\Windows\Panther
2013-03-20 12:27:34 ----D---- C:\Windows\Logs
2013-03-20 12:27:34 ----D---- C:\Windows\debug
2013-03-19 17:52:49 ----D---- C:\Windows\system32\drivers\UMDF
2013-03-18 01:51:09 ----RSD---- C:\Windows\assembly
2013-03-17 15:28:47 ----RSD---- C:\Windows\Fonts
2013-03-17 13:47:21 ----D---- C:\Windows\LiveKernelReports
2013-03-16 17:48:20 ----D---- C:\ProgramData\Skype
2013-03-16 17:48:17 ----RD---- C:\Program Files (x86)\Skype
2013-03-14 20:51:43 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-03-14 16:32:12 ----D---- C:\Windows\AppPatch
2013-03-14 16:32:12 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 16:32:11 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 16:32:10 ----D---- C:\Windows\system32\migration
2013-03-14 16:32:08 ----D---- C:\Program Files\Internet Explorer
2013-03-14 11:40:31 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 11:40:22 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 22:27:43 ----D---- C:\ProgramData\Blizzard Entertainment
2013-03-13 20:38:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-12 01:10:56 ----N---- C:\Windows\system32\MpSigStub.exe
2013-03-10 15:50:53 ----D---- C:\Program Files (x86)\JDownloader
2013-03-08 14:42:22 ----D---- C:\Windows\system32\wdi
2013-03-07 13:32:53 ----A---- C:\Windows\system32\deployJava1.dll
2013-03-07 13:32:51 ----D---- C:\Program Files\Java
2013-03-07 01:32:22 ----A---- C:\Windows\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-24 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-24 2673664]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-02-14 1581184]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2012-12-12 5353888]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-04-08 1430576]
S3 acsock;acsock; C:\Windows\system32\DRIVERS\acsock64.sys [2012-10-17 107432]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-12 5353888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64; C:\Windows\system32\DRIVERS\vpnva64.sys [2012-10-17 27048]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-10-17 544248]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-28 277640]
S3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-03-29 543656]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o preventivku
Zdravim 
Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivku
Tak log z Crystal disk info
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Professional N SP1 [6.1 Build 7601] (x64)
Date : 2013/04/06 12:14:23
-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- HITACHI HTS547575A9E384 ATA Device
+ ATA Channel 2 (2) [ATA]
- Slimtype DVD A DS8A5SH ATA Device
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
- ATA Channel 2 (2)
-- Disk List ---------------------------------------------------------------
(1) HITACHI HTS547575A9E384 : 750,1 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) HITACHI HTS547575A9E384
----------------------------------------------------------------------------
Model : HITACHI HTS547575A9E384
Firmware : JE4ZD60D
Serial Number : J2540054DHLHWE
Disk Size : 750,1 GB (8,4/137,4/750,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 6421 hod.
Power On Count : 920 krát
Temparature : 48 C (118 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 181 181 _33 001100000001 Čas na roztočení ploten
04 100 100 __0 0000000003AA Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _86 _86 __0 000000001915 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000398 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000010000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000000E Počet vypnutí disku
C1 _85 _85 __0 000000026292 Počet cyklů načítání/vymazání
C2 125 125 __0 004300060030 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 4A32 3534 3534 3534 4448 4C48 5745
020: 0003 4000 0004 4A45 345A 3044 3044 4849 5441 4348
030: 4920 4854 5335 3437 3537 3945 3945 3338 3420 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0000
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1F06 1F06 0004 004C 0040
080: 01FC 0028 346B 7D09 6123 BC09 BC09 6123 203F 0061
090: 0062 4080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 66F0 5754 0000 0000 0000 6003 6003 826C 5000 CCA6
110: 3FD5 2E90 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 2082 1CF1 BA00 4000 4000 0400 0108 0000
140: 0000 0703 0505 0504 0406 0000 0000 0000 0000 0000
150: 0000 0000 345A 4436 0000 0000 0000 5DAD 2518 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 66A5
Extras -->
OTL Extras logfile created on: 6.4.2013 11:43:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Arcane\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,95 Gb Total Physical Memory | 4,52 Gb Available Physical Memory | 56,90% Memory free
15,89 Gb Paging File | 12,70 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 85,47 Gb Total Space | 15,68 Gb Free Space | 18,34% Space Free | Partition Type: NTFS
Drive D: | 612,96 Gb Total Space | 104,38 Gb Free Space | 17,03% Space Free | Partition Type: NTFS
Computer Name: ARCANE-PC | User Name: Arcane | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-2837777829-3629561418-1743151657-1000\SOFTWARE\Classes\<extension>]
.txt [@ = txtfile] -- C:\Windows\NOTEPAD.EXE (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 61 01 DA 5A 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{F462FEB5-B59F-46BD-9B29-13728F8BC90F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C5DE8A1-9CCC-43DF-B40A-3F48758F6956}" = protocol=6 | dir=in | app=d:\arcane\steam\steamapps\common\dota 2 beta\dota.exe |
"{1E594977-91C2-4176-B13F-15530E047CE2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{2289098F-2AFE-4D67-A73F-5730F6ECB26D}" = protocol=6 | dir=in | app=d:\arcane\hry\starcraft ii\starcraft ii public test.exe |
"{2767E2AB-5797-4051-BB5B-DBF334FDD0F5}" = protocol=17 | dir=in | app=d:\arcane\steam\steamapps\common\dota 2 beta\dota.exe |
"{2CDE6FDD-8373-4ED3-8B74-D242431758F7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{2DA1636A-19A6-4F8A-AE1F-AAA1941C979F}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe |
"{30C1282B-02A6-4FE2-AC80-32F13FEAA1C3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{36377929-E501-425A-996D-9DBE923D7127}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{383753AD-08A2-4804-A2BE-E566BEA3CD6E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{38EC76A9-E41E-45A1-BE72-F00D6A48CA61}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3C0448FF-EFA1-4DF1-8668-DD6737DD5A8E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{588815B2-AA86-487A-A72D-DA6F433BE3F9}" = protocol=17 | dir=in | app=d:\arcane\steam\steamapps\common\dota 2 beta\dota.exe |
"{6D26F56D-D93C-41B4-954D-5487A4871F6C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{6D4D0F3A-96D4-410B-9157-5F88F093B4F0}" = protocol=17 | dir=in | app=d:\arcane\hry\starcraft ii\starcraft ii.exe |
"{70BE43A7-E2E6-4D2B-B822-C1B005DD5AF4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7F86D452-434A-449E-A5E1-AE0DEA27EB7E}" = protocol=6 | dir=in | app=d:\arcane\hry\starcraft ii\starcraft ii.exe |
"{8184A15A-01E3-4C9C-B719-EB5E5E46EBC0}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{955BF704-529F-4964-9634-4D6B22765D6F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{99369E9A-D5A0-450A-984F-BC20D912E747}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{9A4E0A78-1A5E-4BF3-AD93-E0A3BD45206F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{9AC55930-76F9-4B2A-BA04-24679A23AF09}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A2CDC974-F4D9-48C5-940B-12B23DCBFC89}" = protocol=6 | dir=in | app=d:\arcane\steam\steam.exe |
"{A855165D-7834-466E-B668-ED7A75F49FC5}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{AE00E3C1-51EF-42CA-A508-03749CD89C44}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{BBA5651A-AEAD-4081-A979-5D5660A4DBBC}" = dir=out | app=d:\arcane\hry\starcraft ii\versions\base24944\sc2.exe |
"{BFFC5988-0EA5-4A1D-A74B-D78FCD1F6650}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C3136566-C6AF-4EAE-A833-AE938958F585}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{C58F8CF4-87D5-45FF-9F3E-9FAFEAC01D35}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CF2BE3C0-96BD-4F1F-8EB2-A708FE780685}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D511B191-D5B0-4DC7-BDF2-95158505D073}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{D59505DA-4F2A-4230-BBC3-E5B98618F33F}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{DA011FBD-90DB-4786-B2E7-D6CC1E652B40}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{DAD8A219-E985-4A7A-B9EB-739B8C56B411}" = protocol=17 | dir=in | app=d:\arcane\hry\starcraft ii\starcraft ii public test.exe |
"{DDC721C7-BE24-41A6-8861-38799221B461}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{E18BCFEC-E708-48C1-9B94-7CCE970F009A}" = protocol=6 | dir=in | app=d:\arcane\steam\steamapps\common\dota 2 beta\dota.exe |
"{E255EBCE-29B4-4BC8-982A-75EB7D27BFAE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F13F6E75-9386-4F34-96C1-C843EF901891}" = protocol=17 | dir=in | app=d:\arcane\steam\steam.exe |
"{FE5D66B7-D86D-47AE-A6D0-73198F5D0894}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe |
"TCP Query User{5FE94492-E3AC-41D0-9382-6970D844089F}D:\arcane\hry\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=d:\arcane\hry\starcraft ii\versions\base24944\sc2.exe |
"TCP Query User{7D45F0C0-B259-4BA1-943C-E91BB9D02302}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"TCP Query User{828D0A82-B90C-44FF-833F-B852BE6C0B49}C:\program files (x86)\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"TCP Query User{851116B3-5BC7-42CD-961E-0614DE81EF0A}C:\program files (x86)\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"TCP Query User{9796C2A4-34D3-47BB-8216-3A5C2F7F03CA}C:\program files (x86)\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"TCP Query User{A762A061-9B5C-44BE-8A27-1FC6305BCC9E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{FD290032-EC4C-48B8-BB35-F9E1CA44F53E}D:\arcane\hry\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=d:\arcane\hry\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{1AE7B473-739B-4155-BC5D-16002FB6FABF}C:\program files (x86)\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"UDP Query User{5F2C2A0B-D4DA-4E8A-82D3-AC4623705CA7}C:\program files (x86)\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"UDP Query User{79670DCB-D8A6-4E15-84D3-5663FF5F6D26}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{B5A7D006-2760-4225-A221-CEAD0A3A6FAC}C:\program files (x86)\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"UDP Query User{B939F8C8-48B8-4E41-97C0-8DC42644F812}D:\arcane\hry\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=d:\arcane\hry\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{EAC2D5D7-099B-4447-9ACE-CAED3F43F81A}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"UDP Query User{FB5EEAB9-53FD-4BAD-BB47-4FECF5FD1CE8}D:\arcane\hry\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=d:\arcane\hry\starcraft ii\versions\base24944\sc2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170150}" = Java SE Development Kit 7 Update 15 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E7D00D0-255E-F084-28A3-400DCD5EF8A7}" = ccc-utility64
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUS_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUS_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUS_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUS_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUS_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{F37A899E-1745-52F5-658F-9A4DA4D46BB7}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F800CF18-6470-D909-B460-73F2F41030B4}" = AMD Accelerated Video Transcoding
"{F9434B34-EDCA-DF34-FD55-8D66DF8DBECF}" = AMD Media Foundation Decoders
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.7.9 (64-bit)
"Matlab R2011b" = MATLAB R2011b
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 12.15.1748" = Opera 12.15
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C91919D-0386-C260-0822-7A01C5BCD58A}" = CCC Help Greek
"{143593DA-4632-50AE-A6D9-7676695B33C8}" = CCC Help Finnish
"{14DDF23F-414A-46DB-4762-56569080292C}" = CCC Help Russian
"{16584456-9AD2-3FA4-C8B5-B2EE2D856E6C}" = Catalyst Control Center Localization All
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{28904D9A-13A6-ECA2-48D8-21542759D998}" = CCC Help Polish
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C8BBDA6-79A7-B2DE-3E5B-287E7F667C67}" = CCC Help Danish
"{2E119961-E99B-C147-9AC3-A93683172DC1}" = CCC Help Swedish
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{33365E1D-B501-AA04-F802-88BF0A4DB9F7}" = CCC Help French
"{43C5AF90-0558-590E-30A3-7A8FEEA4B45B}" = Catalyst Control Center Graphics Previews Common
"{441B922B-E0AC-F7BB-E577-095E3E3B8D03}" = CCC Help Turkish
"{44ED90A1-453B-5C9A-D9ED-80D8AB0258B8}" = CCC Help Thai
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{45E00595-897E-64B6-28F9-5D0927EBA4A5}" = CCC Help Chinese Standard
"{46DE5F4E-BA8B-AC9E-0EED-05B7D93AD215}" = CCC Help Spanish
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5B04E832-4530-B8FF-F742-8BE25ADD43BD}" = CCC Help German
"{5C03C49F-662A-B4EF-E5EC-1C1FFFDD6578}" = CCC Help Norwegian
"{5ED93D68-5EAA-9343-9B74-B1E276217264}" = CCC Help Dutch
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69ABD76E-52E6-E809-9E6B-B6E194DF6E30}" = CCC Help Portuguese
"{69BCC264-0D43-469F-8434-31E738982E7B}" = Cisco AnyConnect Secure Mobility Client
"{6C84C3D8-F2E1-EF85-34E2-EFD8C583A414}" = CCC Help Swedish
"{6D185295-DE89-9C39-18E6-310C148836EB}" = CCC Help Chinese Traditional
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A8F958-D272-E262-7C9A-7B8F713EE0C3}" = CCC Help French
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{7513D3F0-55BC-273C-7A53-488394EDBFCC}" = CCC Help Italian
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79AA9BFA-F962-A1E9-71CE-D0887A92444C}" = CCC Help Portuguese
"{7ACEF1BF-9306-5AD7-5F30-ECE72A81E924}" = CCC Help Finnish
"{7DA5255C-EE35-848E-4482-407BB876BD15}" = CCC Help Russian
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{831C840A-8331-E269-24EE-52A3EDEC8830}" = CCC Help Chinese Traditional
"{8B531332-0D5D-4B3B-A22C-8330DEA695A7}" = LogMeIn Hamachi
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9AF92104-2955-867B-E374-63FA2AB55CC4}" = CCC Help Korean
"{9BC10B90-1592-3C5A-BBA7-BACDA0B52405}" = CCC Help Japanese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A71AF1EF-6C46-DC9A-84C0-0DADE7F3BEEE}" = CCC Help Hungarian
"{A7527D8A-4C50-9D56-CB37-922E1EC96B82}" = CCC Help Thai
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Czech
"{B7416D0F-8282-468A-5C3D-CA5713B6F4C0}" = Catalyst Control Center
"{BD21728C-22C5-2D69-2F52-C4437E8FF02E}" = Catalyst Control Center InstallProxy
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C4129D57-5C83-3BF0-A11A-3798C008C6C7}" = CCC Help Greek
"{CA311B78-954E-44BC-913F-B5B8B74A786B}" = CCC Help German
"{D0BC4101-6C30-ECFF-F693-63408134F29B}" = CCC Help Czech
"{D2402DAD-B180-A4A0-261D-4A8933BFBFEE}" = CCC Help Japanese
"{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}" = Atheros Client Installation Program
"{DA7E8D81-2B14-415B-8FC5-02CE4CF9F839}" = CCC Help Hungarian
"{DB3FBD3C-A061-34C9-0A2B-6CCDD8C96640}" = CCC Help Turkish
"{E0184F33-58CA-A249-0D1B-F23F9206410D}" = CCC Help English
"{E086E914-2928-48F9-364B-0C715DFF6A45}" = CCC Help Korean
"{E28884AE-E40E-2F71-9511-8CC8C071147F}" = CCC Help Chinese Standard
"{E3DB1759-C652-E0E3-5B88-76286BF9B6D0}" = CCC Help Dutch
"{E4F26D72-E0BA-33B5-E5A4-542C545EFAAA}" = CCC Help Polish
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{E8F30BD6-ABAB-C24E-E9A7-BF67EB96152C}" = CCC Help Norwegian
"{E9820957-CB43-3BD1-3A00-25C7CB37EE1D}" = CCC Help Danish
"{E9A5B6CD-7ABB-F295-2E11-F25BC322FF80}" = CCC Help English
"{ECC9BBF1-5735-F27B-E25A-5522D8B3F044}" = CCC Help Italian
"{EEC3A4C1-2B49-00CF-DA00-B27DC267236E}" = CCC Help Spanish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F47662E5-C972-89F6-0416-5BAC56E835F9}" = CCC Help Czech
"5513-1208-7298-9440" = JDownloader 0.9
"abgx360" = abgx360 v1.0.6
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"DAEMON Tools Lite" = DAEMON Tools Lite
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.7.9
"LogMeIn Hamachi" = LogMeIn Hamachi
"ManyCam" = ManyCam 3.1.43
"PSPad editor_is1" = PSPad editor
"StarCraft II" = StarCraft II
"TeamViewer 8" = TeamViewer 8
"uTorrent" = µTorrent
"Winamp" = Winamp
"winscp3_is1" = WinSCP 5.1.4
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2837777829-3629561418-1743151657-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"QIP 2012" = QIP 2012 4.0.8921
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 4.4.2013 14:50:22 | Computer Name = Arcane-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8019
Error - 4.4.2013 14:50:22 | Computer Name = Arcane-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8019
Error - 4.4.2013 15:04:59 | Computer Name = Arcane-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.4.2013 6:50:25 | Computer Name = Arcane-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: opera.exe, verze: 12.15.1748.0, časové razítko:
0x515ac410 Název chybujícího modulu: Opera.dll, verze: 12.15.1748.0, časové razítko:
0x515ad2fd Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000291671 ID chybujícího
procesu: 0x534 Čas spuštění chybující aplikace: 0x01ce318a91ce5724 Cesta k chybující
aplikaci: C:\Program Files\Opera x64\opera.exe Cesta k chybujícímu modulu: C:\Program
Files\Opera x64\Opera.dll ID zprávy: 9ef99513-9dde-11e2-bda4-e4d53dd88f8f
Error - 5.4.2013 6:50:30 | Computer Name = Arcane-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: opera_plugin_wrapper.exe, verze: 12.15.1748.0,
časové razítko: 0x515ad2fa Název chybujícího modulu: NPSWF64_11_6_602_180.dll_unloaded,
verze: 0.0.0.0, časové razítko: 0x513010fa Kód výjimky: 0xc0000005 Posun chyby: 0x000000005a88fb0a
ID
chybujícího procesu: 0x530 Čas spuštění chybující aplikace: 0x01ce318a956bfdd2 Cesta
k chybující aplikaci: C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
Cesta
k chybujícímu modulu: NPSWF64_11_6_602_180.dll ID zprávy: a1d6a80f-9dde-11e2-bda4-e4d53dd88f8f
Error - 5.4.2013 13:59:25 | Computer Name = Arcane-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: opera.exe, verze: 12.15.1748.0, časové razítko:
0x515ac410 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18015, časové
razítko: 0x50b8479b Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000002112 ID chybujícího
procesu: 0xbac Čas spuštění chybující aplikace: 0x01ce31eb731a6de5 Cesta k chybující
aplikaci: C:\Program Files\Opera x64\opera.exe Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID
zprávy: 8cbaa04b-9e1a-11e2-bda4-e4d53dd88f8f
Error - 5.4.2013 14:00:04 | Computer Name = Arcane-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: opera.exe, verze: 12.15.1748.0, časové razítko:
0x515ac410 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18015, časové
razítko: 0x50b8479b Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000002112 ID chybujícího
procesu: 0x1bec Čas spuštění chybující aplikace: 0x01ce3227523234e8 Cesta k chybující
aplikaci: C:\Program Files\Opera x64\opera.exe Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID
zprávy: a471127d-9e1a-11e2-bda4-e4d53dd88f8f
Error - 5.4.2013 14:00:07 | Computer Name = Arcane-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: opera_plugin_wrapper.exe, verze: 12.15.1748.0,
časové razítko: 0x515ad2fa Název chybujícího modulu: NPSWF64_11_6_602_180.dll_unloaded,
verze: 0.0.0.0, časové razítko: 0x513010fa Kód výjimky: 0xc0000005 Posun chyby: 0x000000005a846a4f
ID
chybujícího procesu: 0x99c Čas spuštění chybující aplikace: 0x01ce322757e7039c Cesta
k chybující aplikaci: C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
Cesta
k chybujícímu modulu: NPSWF64_11_6_602_180.dll ID zprávy: a5b99cdd-9e1a-11e2-bda4-e4d53dd88f8f
Error - 5.4.2013 14:10:27 | Computer Name = Arcane-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.4.2013 17:43:23 | Computer Name = Arcane-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.4.2013 20:30:24 | Computer Name = Arcane-PC | Source = WinMgmt | ID = 10
Description =
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCollectiveCertStore::addCapiStore File: .\Certificates\CollectiveCertStore.cpp
Line:
1582 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32833517 (0xFE0B0013)
Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CWinsecApiImpersonateUser::searchProcessesForUserToken File:
.\IPC\WinsecAPI.cpp Line: 1466 Invoked Function: Process32Next Return Code: 18 (0x00000012)
Description:
Více souborů neexistuje.
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108865
Description = Function: CWinsecApiImpersonateUser::acquireTokens File: .\IPC\WinsecAPI.cpp
Line:
93 CWinsecApiImpersonateUser::getUserImpersonationToken returned NULL
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser File:
.\IPC\WinsecAPI.cpp Line: 73 Invoked Function: CWinsecApiImpersonateUser::acquireTokens
Return
Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertUtils::CCapiCertUtils File: .\Certificates\CapiCertUtils.cpp
Line:
112 Invoked Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser Return
Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp
Line:
57 Invoked Function: CapiCertUtils Return Code: -32833517 (0xFE0B0013) Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore File: .\Certificates\CapiCertSmartcardStore.cpp
Line:
39 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32833517 (0xFE0B0013)
Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCollectiveCertStore::addCapiSmartcardStore File: .\Certificates\CollectiveCertStore.cpp
Line:
1612 Invoked Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore Return Code:
-32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE
Error - 5.4.2013 17:46:54 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL
[ System Events ]
Error - 5.4.2013 20:29:10 | Computer Name = Arcane-PC | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{63A003E5-66FA-43BD-A77D-53D461F35D6A},
protože jiný počítač v síti má stejný název. Server nelze spustit.
Error - 5.4.2013 20:29:10 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :20 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 5.4.2013 22:41:43 | Computer Name = Arcane-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 6.4.2013 5:03:38 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:06:14 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:06:24 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:40:50 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:43:15 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:57:03 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:57:03 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
< End of report >
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Professional N SP1 [6.1 Build 7601] (x64)
Date : 2013/04/06 12:14:23
-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- HITACHI HTS547575A9E384 ATA Device
+ ATA Channel 2 (2) [ATA]
- Slimtype DVD A DS8A5SH ATA Device
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
- ATA Channel 2 (2)
-- Disk List ---------------------------------------------------------------
(1) HITACHI HTS547575A9E384 : 750,1 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) HITACHI HTS547575A9E384
----------------------------------------------------------------------------
Model : HITACHI HTS547575A9E384
Firmware : JE4ZD60D
Serial Number : J2540054DHLHWE
Disk Size : 750,1 GB (8,4/137,4/750,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 6421 hod.
Power On Count : 920 krát
Temparature : 48 C (118 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 181 181 _33 001100000001 Čas na roztočení ploten
04 100 100 __0 0000000003AA Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _86 _86 __0 000000001915 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000398 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000010000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000000E Počet vypnutí disku
C1 _85 _85 __0 000000026292 Počet cyklů načítání/vymazání
C2 125 125 __0 004300060030 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 4A32 3534 3534 3534 4448 4C48 5745
020: 0003 4000 0004 4A45 345A 3044 3044 4849 5441 4348
030: 4920 4854 5335 3437 3537 3945 3945 3338 3420 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0000
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1F06 1F06 0004 004C 0040
080: 01FC 0028 346B 7D09 6123 BC09 BC09 6123 203F 0061
090: 0062 4080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 66F0 5754 0000 0000 0000 6003 6003 826C 5000 CCA6
110: 3FD5 2E90 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 2082 1CF1 BA00 4000 4000 0400 0108 0000
140: 0000 0703 0505 0504 0406 0000 0000 0000 0000 0000
150: 0000 0000 345A 4436 0000 0000 0000 5DAD 2518 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 66A5
Extras -->
OTL Extras logfile created on: 6.4.2013 11:43:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Arcane\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,95 Gb Total Physical Memory | 4,52 Gb Available Physical Memory | 56,90% Memory free
15,89 Gb Paging File | 12,70 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 85,47 Gb Total Space | 15,68 Gb Free Space | 18,34% Space Free | Partition Type: NTFS
Drive D: | 612,96 Gb Total Space | 104,38 Gb Free Space | 17,03% Space Free | Partition Type: NTFS
Computer Name: ARCANE-PC | User Name: Arcane | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-2837777829-3629561418-1743151657-1000\SOFTWARE\Classes\<extension>]
.txt [@ = txtfile] -- C:\Windows\NOTEPAD.EXE (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 61 01 DA 5A 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{F462FEB5-B59F-46BD-9B29-13728F8BC90F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C5DE8A1-9CCC-43DF-B40A-3F48758F6956}" = protocol=6 | dir=in | app=d:\arcane\steam\steamapps\common\dota 2 beta\dota.exe |
"{1E594977-91C2-4176-B13F-15530E047CE2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{2289098F-2AFE-4D67-A73F-5730F6ECB26D}" = protocol=6 | dir=in | app=d:\arcane\hry\starcraft ii\starcraft ii public test.exe |
"{2767E2AB-5797-4051-BB5B-DBF334FDD0F5}" = protocol=17 | dir=in | app=d:\arcane\steam\steamapps\common\dota 2 beta\dota.exe |
"{2CDE6FDD-8373-4ED3-8B74-D242431758F7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{2DA1636A-19A6-4F8A-AE1F-AAA1941C979F}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe |
"{30C1282B-02A6-4FE2-AC80-32F13FEAA1C3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{36377929-E501-425A-996D-9DBE923D7127}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{383753AD-08A2-4804-A2BE-E566BEA3CD6E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{38EC76A9-E41E-45A1-BE72-F00D6A48CA61}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3C0448FF-EFA1-4DF1-8668-DD6737DD5A8E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{588815B2-AA86-487A-A72D-DA6F433BE3F9}" = protocol=17 | dir=in | app=d:\arcane\steam\steamapps\common\dota 2 beta\dota.exe |
"{6D26F56D-D93C-41B4-954D-5487A4871F6C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{6D4D0F3A-96D4-410B-9157-5F88F093B4F0}" = protocol=17 | dir=in | app=d:\arcane\hry\starcraft ii\starcraft ii.exe |
"{70BE43A7-E2E6-4D2B-B822-C1B005DD5AF4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7F86D452-434A-449E-A5E1-AE0DEA27EB7E}" = protocol=6 | dir=in | app=d:\arcane\hry\starcraft ii\starcraft ii.exe |
"{8184A15A-01E3-4C9C-B719-EB5E5E46EBC0}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{955BF704-529F-4964-9634-4D6B22765D6F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{99369E9A-D5A0-450A-984F-BC20D912E747}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{9A4E0A78-1A5E-4BF3-AD93-E0A3BD45206F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{9AC55930-76F9-4B2A-BA04-24679A23AF09}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A2CDC974-F4D9-48C5-940B-12B23DCBFC89}" = protocol=6 | dir=in | app=d:\arcane\steam\steam.exe |
"{A855165D-7834-466E-B668-ED7A75F49FC5}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{AE00E3C1-51EF-42CA-A508-03749CD89C44}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{BBA5651A-AEAD-4081-A979-5D5660A4DBBC}" = dir=out | app=d:\arcane\hry\starcraft ii\versions\base24944\sc2.exe |
"{BFFC5988-0EA5-4A1D-A74B-D78FCD1F6650}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C3136566-C6AF-4EAE-A833-AE938958F585}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{C58F8CF4-87D5-45FF-9F3E-9FAFEAC01D35}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CF2BE3C0-96BD-4F1F-8EB2-A708FE780685}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D511B191-D5B0-4DC7-BDF2-95158505D073}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{D59505DA-4F2A-4230-BBC3-E5B98618F33F}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{DA011FBD-90DB-4786-B2E7-D6CC1E652B40}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{DAD8A219-E985-4A7A-B9EB-739B8C56B411}" = protocol=17 | dir=in | app=d:\arcane\hry\starcraft ii\starcraft ii public test.exe |
"{DDC721C7-BE24-41A6-8861-38799221B461}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{E18BCFEC-E708-48C1-9B94-7CCE970F009A}" = protocol=6 | dir=in | app=d:\arcane\steam\steamapps\common\dota 2 beta\dota.exe |
"{E255EBCE-29B4-4BC8-982A-75EB7D27BFAE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F13F6E75-9386-4F34-96C1-C843EF901891}" = protocol=17 | dir=in | app=d:\arcane\steam\steam.exe |
"{FE5D66B7-D86D-47AE-A6D0-73198F5D0894}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe |
"TCP Query User{5FE94492-E3AC-41D0-9382-6970D844089F}D:\arcane\hry\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=d:\arcane\hry\starcraft ii\versions\base24944\sc2.exe |
"TCP Query User{7D45F0C0-B259-4BA1-943C-E91BB9D02302}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"TCP Query User{828D0A82-B90C-44FF-833F-B852BE6C0B49}C:\program files (x86)\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"TCP Query User{851116B3-5BC7-42CD-961E-0614DE81EF0A}C:\program files (x86)\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"TCP Query User{9796C2A4-34D3-47BB-8216-3A5C2F7F03CA}C:\program files (x86)\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"TCP Query User{A762A061-9B5C-44BE-8A27-1FC6305BCC9E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{FD290032-EC4C-48B8-BB35-F9E1CA44F53E}D:\arcane\hry\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=d:\arcane\hry\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{1AE7B473-739B-4155-BC5D-16002FB6FABF}C:\program files (x86)\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"UDP Query User{5F2C2A0B-D4DA-4E8A-82D3-AC4623705CA7}C:\program files (x86)\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"UDP Query User{79670DCB-D8A6-4E15-84D3-5663FF5F6D26}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{B5A7D006-2760-4225-A221-CEAD0A3A6FAC}C:\program files (x86)\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"UDP Query User{B939F8C8-48B8-4E41-97C0-8DC42644F812}D:\arcane\hry\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=d:\arcane\hry\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{EAC2D5D7-099B-4447-9ACE-CAED3F43F81A}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"UDP Query User{FB5EEAB9-53FD-4BAD-BB47-4FECF5FD1CE8}D:\arcane\hry\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=d:\arcane\hry\starcraft ii\versions\base24944\sc2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170150}" = Java SE Development Kit 7 Update 15 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E7D00D0-255E-F084-28A3-400DCD5EF8A7}" = ccc-utility64
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUS_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUS_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUS_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUS_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUS_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{F37A899E-1745-52F5-658F-9A4DA4D46BB7}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F800CF18-6470-D909-B460-73F2F41030B4}" = AMD Accelerated Video Transcoding
"{F9434B34-EDCA-DF34-FD55-8D66DF8DBECF}" = AMD Media Foundation Decoders
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.7.9 (64-bit)
"Matlab R2011b" = MATLAB R2011b
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 12.15.1748" = Opera 12.15
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C91919D-0386-C260-0822-7A01C5BCD58A}" = CCC Help Greek
"{143593DA-4632-50AE-A6D9-7676695B33C8}" = CCC Help Finnish
"{14DDF23F-414A-46DB-4762-56569080292C}" = CCC Help Russian
"{16584456-9AD2-3FA4-C8B5-B2EE2D856E6C}" = Catalyst Control Center Localization All
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{28904D9A-13A6-ECA2-48D8-21542759D998}" = CCC Help Polish
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C8BBDA6-79A7-B2DE-3E5B-287E7F667C67}" = CCC Help Danish
"{2E119961-E99B-C147-9AC3-A93683172DC1}" = CCC Help Swedish
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{33365E1D-B501-AA04-F802-88BF0A4DB9F7}" = CCC Help French
"{43C5AF90-0558-590E-30A3-7A8FEEA4B45B}" = Catalyst Control Center Graphics Previews Common
"{441B922B-E0AC-F7BB-E577-095E3E3B8D03}" = CCC Help Turkish
"{44ED90A1-453B-5C9A-D9ED-80D8AB0258B8}" = CCC Help Thai
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{45E00595-897E-64B6-28F9-5D0927EBA4A5}" = CCC Help Chinese Standard
"{46DE5F4E-BA8B-AC9E-0EED-05B7D93AD215}" = CCC Help Spanish
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5B04E832-4530-B8FF-F742-8BE25ADD43BD}" = CCC Help German
"{5C03C49F-662A-B4EF-E5EC-1C1FFFDD6578}" = CCC Help Norwegian
"{5ED93D68-5EAA-9343-9B74-B1E276217264}" = CCC Help Dutch
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69ABD76E-52E6-E809-9E6B-B6E194DF6E30}" = CCC Help Portuguese
"{69BCC264-0D43-469F-8434-31E738982E7B}" = Cisco AnyConnect Secure Mobility Client
"{6C84C3D8-F2E1-EF85-34E2-EFD8C583A414}" = CCC Help Swedish
"{6D185295-DE89-9C39-18E6-310C148836EB}" = CCC Help Chinese Traditional
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A8F958-D272-E262-7C9A-7B8F713EE0C3}" = CCC Help French
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{7513D3F0-55BC-273C-7A53-488394EDBFCC}" = CCC Help Italian
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79AA9BFA-F962-A1E9-71CE-D0887A92444C}" = CCC Help Portuguese
"{7ACEF1BF-9306-5AD7-5F30-ECE72A81E924}" = CCC Help Finnish
"{7DA5255C-EE35-848E-4482-407BB876BD15}" = CCC Help Russian
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{831C840A-8331-E269-24EE-52A3EDEC8830}" = CCC Help Chinese Traditional
"{8B531332-0D5D-4B3B-A22C-8330DEA695A7}" = LogMeIn Hamachi
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9AF92104-2955-867B-E374-63FA2AB55CC4}" = CCC Help Korean
"{9BC10B90-1592-3C5A-BBA7-BACDA0B52405}" = CCC Help Japanese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A71AF1EF-6C46-DC9A-84C0-0DADE7F3BEEE}" = CCC Help Hungarian
"{A7527D8A-4C50-9D56-CB37-922E1EC96B82}" = CCC Help Thai
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Czech
"{B7416D0F-8282-468A-5C3D-CA5713B6F4C0}" = Catalyst Control Center
"{BD21728C-22C5-2D69-2F52-C4437E8FF02E}" = Catalyst Control Center InstallProxy
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C4129D57-5C83-3BF0-A11A-3798C008C6C7}" = CCC Help Greek
"{CA311B78-954E-44BC-913F-B5B8B74A786B}" = CCC Help German
"{D0BC4101-6C30-ECFF-F693-63408134F29B}" = CCC Help Czech
"{D2402DAD-B180-A4A0-261D-4A8933BFBFEE}" = CCC Help Japanese
"{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}" = Atheros Client Installation Program
"{DA7E8D81-2B14-415B-8FC5-02CE4CF9F839}" = CCC Help Hungarian
"{DB3FBD3C-A061-34C9-0A2B-6CCDD8C96640}" = CCC Help Turkish
"{E0184F33-58CA-A249-0D1B-F23F9206410D}" = CCC Help English
"{E086E914-2928-48F9-364B-0C715DFF6A45}" = CCC Help Korean
"{E28884AE-E40E-2F71-9511-8CC8C071147F}" = CCC Help Chinese Standard
"{E3DB1759-C652-E0E3-5B88-76286BF9B6D0}" = CCC Help Dutch
"{E4F26D72-E0BA-33B5-E5A4-542C545EFAAA}" = CCC Help Polish
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{E8F30BD6-ABAB-C24E-E9A7-BF67EB96152C}" = CCC Help Norwegian
"{E9820957-CB43-3BD1-3A00-25C7CB37EE1D}" = CCC Help Danish
"{E9A5B6CD-7ABB-F295-2E11-F25BC322FF80}" = CCC Help English
"{ECC9BBF1-5735-F27B-E25A-5522D8B3F044}" = CCC Help Italian
"{EEC3A4C1-2B49-00CF-DA00-B27DC267236E}" = CCC Help Spanish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F47662E5-C972-89F6-0416-5BAC56E835F9}" = CCC Help Czech
"5513-1208-7298-9440" = JDownloader 0.9
"abgx360" = abgx360 v1.0.6
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"DAEMON Tools Lite" = DAEMON Tools Lite
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.7.9
"LogMeIn Hamachi" = LogMeIn Hamachi
"ManyCam" = ManyCam 3.1.43
"PSPad editor_is1" = PSPad editor
"StarCraft II" = StarCraft II
"TeamViewer 8" = TeamViewer 8
"uTorrent" = µTorrent
"Winamp" = Winamp
"winscp3_is1" = WinSCP 5.1.4
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2837777829-3629561418-1743151657-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"QIP 2012" = QIP 2012 4.0.8921
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 4.4.2013 14:50:22 | Computer Name = Arcane-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8019
Error - 4.4.2013 14:50:22 | Computer Name = Arcane-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8019
Error - 4.4.2013 15:04:59 | Computer Name = Arcane-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.4.2013 6:50:25 | Computer Name = Arcane-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: opera.exe, verze: 12.15.1748.0, časové razítko:
0x515ac410 Název chybujícího modulu: Opera.dll, verze: 12.15.1748.0, časové razítko:
0x515ad2fd Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000291671 ID chybujícího
procesu: 0x534 Čas spuštění chybující aplikace: 0x01ce318a91ce5724 Cesta k chybující
aplikaci: C:\Program Files\Opera x64\opera.exe Cesta k chybujícímu modulu: C:\Program
Files\Opera x64\Opera.dll ID zprávy: 9ef99513-9dde-11e2-bda4-e4d53dd88f8f
Error - 5.4.2013 6:50:30 | Computer Name = Arcane-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: opera_plugin_wrapper.exe, verze: 12.15.1748.0,
časové razítko: 0x515ad2fa Název chybujícího modulu: NPSWF64_11_6_602_180.dll_unloaded,
verze: 0.0.0.0, časové razítko: 0x513010fa Kód výjimky: 0xc0000005 Posun chyby: 0x000000005a88fb0a
ID
chybujícího procesu: 0x530 Čas spuštění chybující aplikace: 0x01ce318a956bfdd2 Cesta
k chybující aplikaci: C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
Cesta
k chybujícímu modulu: NPSWF64_11_6_602_180.dll ID zprávy: a1d6a80f-9dde-11e2-bda4-e4d53dd88f8f
Error - 5.4.2013 13:59:25 | Computer Name = Arcane-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: opera.exe, verze: 12.15.1748.0, časové razítko:
0x515ac410 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18015, časové
razítko: 0x50b8479b Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000002112 ID chybujícího
procesu: 0xbac Čas spuštění chybující aplikace: 0x01ce31eb731a6de5 Cesta k chybující
aplikaci: C:\Program Files\Opera x64\opera.exe Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID
zprávy: 8cbaa04b-9e1a-11e2-bda4-e4d53dd88f8f
Error - 5.4.2013 14:00:04 | Computer Name = Arcane-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: opera.exe, verze: 12.15.1748.0, časové razítko:
0x515ac410 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18015, časové
razítko: 0x50b8479b Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000002112 ID chybujícího
procesu: 0x1bec Čas spuštění chybující aplikace: 0x01ce3227523234e8 Cesta k chybující
aplikaci: C:\Program Files\Opera x64\opera.exe Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID
zprávy: a471127d-9e1a-11e2-bda4-e4d53dd88f8f
Error - 5.4.2013 14:00:07 | Computer Name = Arcane-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: opera_plugin_wrapper.exe, verze: 12.15.1748.0,
časové razítko: 0x515ad2fa Název chybujícího modulu: NPSWF64_11_6_602_180.dll_unloaded,
verze: 0.0.0.0, časové razítko: 0x513010fa Kód výjimky: 0xc0000005 Posun chyby: 0x000000005a846a4f
ID
chybujícího procesu: 0x99c Čas spuštění chybující aplikace: 0x01ce322757e7039c Cesta
k chybující aplikaci: C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
Cesta
k chybujícímu modulu: NPSWF64_11_6_602_180.dll ID zprávy: a5b99cdd-9e1a-11e2-bda4-e4d53dd88f8f
Error - 5.4.2013 14:10:27 | Computer Name = Arcane-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.4.2013 17:43:23 | Computer Name = Arcane-PC | Source = WinMgmt | ID = 10
Description =
Error - 5.4.2013 20:30:24 | Computer Name = Arcane-PC | Source = WinMgmt | ID = 10
Description =
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCollectiveCertStore::addCapiStore File: .\Certificates\CollectiveCertStore.cpp
Line:
1582 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32833517 (0xFE0B0013)
Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CWinsecApiImpersonateUser::searchProcessesForUserToken File:
.\IPC\WinsecAPI.cpp Line: 1466 Invoked Function: Process32Next Return Code: 18 (0x00000012)
Description:
Více souborů neexistuje.
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108865
Description = Function: CWinsecApiImpersonateUser::acquireTokens File: .\IPC\WinsecAPI.cpp
Line:
93 CWinsecApiImpersonateUser::getUserImpersonationToken returned NULL
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser File:
.\IPC\WinsecAPI.cpp Line: 73 Invoked Function: CWinsecApiImpersonateUser::acquireTokens
Return
Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertUtils::CCapiCertUtils File: .\Certificates\CapiCertUtils.cpp
Line:
112 Invoked Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser Return
Code: -32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp
Line:
57 Invoked Function: CapiCertUtils Return Code: -32833517 (0xFE0B0013) Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore File: .\Certificates\CapiCertSmartcardStore.cpp
Line:
39 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32833517 (0xFE0B0013)
Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCollectiveCertStore::addCapiSmartcardStore File: .\Certificates\CollectiveCertStore.cpp
Line:
1612 Invoked Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore Return Code:
-32833517 (0xFE0B0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 5.4.2013 17:44:27 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE
Error - 5.4.2013 17:46:54 | Computer Name = Arcane-PC | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL
[ System Events ]
Error - 5.4.2013 20:29:10 | Computer Name = Arcane-PC | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{63A003E5-66FA-43BD-A77D-53D461F35D6A},
protože jiný počítač v síti má stejný název. Server nelze spustit.
Error - 5.4.2013 20:29:10 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :20 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 5.4.2013 22:41:43 | Computer Name = Arcane-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 6.4.2013 5:03:38 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:06:14 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:06:24 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:40:50 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:43:15 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:57:03 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
Error - 6.4.2013 5:57:03 | Computer Name = Arcane-PC | Source = NetBT | ID = 4321
Description = Název ARCANE-PC :0 nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.103 nepovolil získání názvu tímto počítačem.
< End of report >
Re: Prosím o preventivku
OTL logfile created on: 6.4.2013 11:43:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Arcane\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,95 Gb Total Physical Memory | 4,52 Gb Available Physical Memory | 56,90% Memory free
15,89 Gb Paging File | 12,70 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 85,47 Gb Total Space | 15,68 Gb Free Space | 18,34% Space Free | Partition Type: NTFS
Drive D: | 612,96 Gb Total Space | 104,38 Gb Free Space | 17,03% Space Free | Partition Type: NTFS
Computer Name: ARCANE-PC | User Name: Arcane | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.06 11:06:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Arcane\Desktop\OTL.exe
PRC - [2013.03.07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.01.10 19:58:46 | 008,378,408 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2012\qip.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.17 19:29:39 | 000,544,248 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2010.12.21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.17 03:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
========== Modules (No Company Name) ==========
MOD - [2013.02.12 10:31:06 | 002,010,624 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
MOD - [2013.02.12 10:31:06 | 001,241,088 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2013.01.28 14:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.01.28 14:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013.01.10 19:59:26 | 000,878,632 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\Social\Social.dll
MOD - [2013.01.10 19:59:22 | 000,519,208 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\MRA.dll
MOD - [2013.01.10 19:59:08 | 001,072,168 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\InfICQ\InfICQ.dll
MOD - [2013.01.10 19:58:50 | 004,663,848 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Core\voip.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.12.19 20:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.13 20:38:33 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.28 13:14:40 | 000,277,640 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 12:08:50 | 002,466,304 | ---- | M] (LogMeIn Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.10.17 19:29:39 | 000,544,248 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2010.12.21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.03.07 01:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.03.07 01:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.03.07 01:33:21 | 000,178,624 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.03.07 01:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.03.07 01:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.03.07 01:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.02.24 11:59:01 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.01.31 11:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012.12.19 21:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 20:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.12.12 16:42:28 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2012.12.12 16:42:28 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.10.17 19:13:36 | 000,027,048 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2012.10.17 19:11:37 | 000,107,432 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2012.10.11 05:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.06.19 07:40:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.04.08 03:59:58 | 001,430,576 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.14 06:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010.12.10 07:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 07:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.24 12:33:26 | 002,673,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.21 05:24:15 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:24:15 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.10.21 08:57:30 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.09.30 10:45:22 | 000,299,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000..\Run: [Infium] C:\Program Files (x86)\QIP 2012\qip.exe (QIP)
O4 - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63A003E5-66FA-43BD-A77D-53D461F35D6A}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.04.06 11:06:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Arcane\Desktop\OTL.exe
[2013.04.06 02:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.04.06 02:49:16 | 000,000,000 | ---D | C] -- C:\rsit
[2013.04.03 16:13:28 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\abgx360
[2013.04.03 15:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\abgx360
[2013.04.03 15:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\abgx360
[2013.04.03 12:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.04.03 12:02:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.04.03 12:02:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.04.03 11:56:39 | 000,512,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2013.04.03 11:56:39 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2013.04.03 11:56:39 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2013.04.03 11:56:39 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2013.04.03 11:56:39 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2013.04.03 11:56:39 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2013.04.03 11:56:39 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2013.04.03 11:56:39 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2013.04.03 11:56:39 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2013.04.03 11:56:39 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2013.04.03 11:56:39 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2013.04.03 11:56:39 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2013.04.03 11:56:39 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2013.04.03 11:56:39 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2013.04.03 11:56:39 | 000,431,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2013.04.03 11:56:39 | 000,410,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2013.04.03 11:56:39 | 000,172,168 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2013.04.03 11:56:38 | 003,511,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2013.04.03 11:56:38 | 003,121,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2013.04.03 11:56:38 | 000,640,512 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2013.04.03 11:56:38 | 000,518,656 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2013.04.03 11:56:38 | 000,483,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfx11cmrt64.dll
[2013.04.03 11:56:38 | 000,441,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2013.04.03 11:56:38 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2013.04.03 11:56:38 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2013.04.03 11:56:38 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2013.04.03 11:56:38 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2013.04.03 11:56:38 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2013.04.03 11:56:38 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2013.04.03 11:56:38 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2013.04.03 11:56:38 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2013.04.03 11:56:38 | 000,330,752 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2013.04.03 11:56:38 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2013.04.03 11:56:38 | 000,255,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2013.04.03 11:56:38 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2013.04.03 11:56:38 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2013.04.03 11:56:38 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2013.04.03 11:56:38 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2013.04.03 11:56:37 | 000,459,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfx11cmrt32.dll
[2013.04.03 11:56:35 | 005,353,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdpmd64.sys
[2013.04.03 11:56:35 | 005,353,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2013.04.03 11:56:32 | 011,174,912 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2013.04.03 11:56:31 | 013,030,400 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2013.04.03 11:56:30 | 010,812,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2013.04.03 11:56:30 | 005,906,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2013.04.03 11:56:30 | 000,400,008 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2013.04.03 11:56:30 | 000,175,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2013.04.03 11:56:29 | 000,185,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2013.04.03 11:56:20 | 000,552,960 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013.04.03 11:56:19 | 011,278,336 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013.04.03 11:56:11 | 000,550,912 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013.04.03 11:56:11 | 000,240,640 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013.04.03 11:56:11 | 000,163,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013.04.03 11:56:10 | 005,087,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013.04.03 11:56:10 | 004,162,048 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013.04.03 11:56:10 | 000,109,568 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013.04.03 11:56:09 | 018,982,400 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013.04.03 11:56:09 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013.04.03 11:56:08 | 023,461,376 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013.04.03 11:56:08 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013.04.03 11:56:08 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013.04.03 11:56:08 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013.04.03 11:56:08 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013.04.03 11:56:08 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013.04.03 11:56:08 | 000,041,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013.04.03 11:56:08 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013.04.03 11:56:08 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013.04.03 11:56:08 | 000,017,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013.04.03 11:56:08 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013.04.03 11:56:07 | 006,681,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013.04.03 11:56:07 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013.04.03 11:56:07 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013.04.03 11:56:06 | 016,082,944 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013.04.03 11:56:06 | 013,703,168 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013.04.03 11:56:06 | 000,421,888 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013.04.03 11:56:06 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013.04.03 11:56:06 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013.04.03 11:56:05 | 000,619,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013.04.03 11:56:05 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013.04.03 11:56:05 | 000,070,144 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_9.012.dll
[2013.04.03 11:56:05 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013.04.03 11:56:05 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013.04.02 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\ATI
[2013.04.02 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Local\ATI
[2013.04.02 21:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.04.02 21:33:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013.04.02 21:33:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013.04.02 21:30:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.04.02 21:30:41 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.04.02 21:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.04.02 21:29:40 | 000,342,528 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2013.04.02 21:29:40 | 000,016,896 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2013.04.02 21:29:36 | 000,277,640 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2013.04.02 21:29:32 | 012,615,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2013.04.02 21:29:09 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2013.04.02 21:29:08 | 005,630,200 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013.04.02 21:29:08 | 000,130,048 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013.04.02 21:29:07 | 006,786,560 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013.04.02 21:29:07 | 000,104,448 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013.04.02 21:29:07 | 000,083,968 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013.04.02 21:29:05 | 007,370,752 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013.04.02 21:29:05 | 001,151,488 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013.04.02 21:29:05 | 000,960,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013.04.02 21:29:00 | 000,000,000 | ---D | C] -- C:\Drivers
[2013.04.01 18:36:43 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\XnView
[2013.04.01 18:36:25 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[2013.03.30 22:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.30 22:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.30 22:29:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.30 17:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2013.03.30 17:37:58 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\uTorrent
[2013.03.26 10:53:36 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Local\Cisco
[2013.03.26 10:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2013.03.26 10:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco
[2013.03.26 10:53:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2013.03.22 17:36:36 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.19 19:01:56 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Local\libimobiledevice
[2013.03.17 15:28:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.03.16 15:39:49 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Local\ManyCam
[2013.03.16 15:39:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ManyCam
[2013.03.16 15:39:48 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\ManyCam
[2013.03.16 15:39:45 | 000,044,928 | ---- | C] (ManyCam LLC) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys
[2013.03.16 15:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013.03.16 15:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManyCam
[2013.03.15 21:03:38 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\TeamViewer
[2013.03.14 11:38:30 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.14 11:38:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.14 11:38:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.14 11:38:30 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.14 11:38:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.14 11:38:29 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.14 11:38:29 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.14 11:38:29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.14 11:38:28 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.14 11:38:28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.14 11:38:28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.14 11:38:28 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.14 11:38:26 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.14 11:38:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.14 11:38:25 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.13 22:27:37 | 000,000,000 | ---D | C] -- C:\Users\Arcane\Documents\StarCraft II
[2013.03.13 20:11:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013.03.13 20:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013.03.07 13:33:01 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.03.07 13:32:56 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.03.07 13:32:56 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.03.07 13:32:56 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
========== Files - Modified Within 30 Days ==========
[2013.04.06 11:44:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.06 11:42:26 | 527,123,976 | ---- | M] () -- C:\Users\Arcane\Desktop\Spartacus.S03E09.HDTV.x264-EVOLVE.mp4
[2013.04.06 11:38:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.06 11:06:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Arcane\Desktop\OTL.exe
[2013.04.06 08:00:08 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
[2013.04.06 02:36:28 | 000,028,160 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 02:36:28 | 000,028,160 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 02:35:14 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.06 02:35:14 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.04.06 02:35:14 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.06 02:35:14 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.04.06 02:35:14 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.06 02:28:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.06 02:28:39 | 2103,332,863 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.06 02:16:53 | 000,000,600 | ---- | M] () -- C:\Users\Arcane\AppData\Roaming\winscp.rnd
[2013.04.05 17:41:23 | 000,056,898 | ---- | M] () -- C:\Users\Arcane\Desktop\The.Big.Bang.Theory.S06E20.HDTV.x264-LOL.srt
[2013.04.05 12:38:17 | 145,492,338 | ---- | M] () -- C:\Users\Arcane\Desktop\The.Big.Bang.Theory.S06E20.HDTV.x264-LOL.mp4
[2013.04.05 12:38:09 | 280,586,425 | ---- | M] () -- C:\Users\Arcane\Desktop\Supernatural.s08e19.HDTV-LOL.mp4
[2013.04.04 20:41:34 | 000,041,284 | ---- | M] () -- C:\Users\Arcane\Desktop\Supernatural.S08E19.HDTV-LOL.srt
[2013.04.02 21:32:43 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013.04.02 19:24:48 | 289,437,180 | ---- | M] () -- C:\Users\Arcane\Desktop\Californication.S06E12.HDTV.x264-2HD.mp4
[2013.04.02 13:45:36 | 000,022,538 | ---- | M] () -- C:\Users\Arcane\Desktop\CALIFORNICATION S06E12 - I'll Lay My Monsters Down (AFG, 2HD, 720p).srt
[2013.03.29 22:33:29 | 249,498,843 | ---- | M] () -- C:\Users\Arcane\Desktop\Supernatural.s08e18.HDTV-LOL.mp4
[2013.03.28 21:25:24 | 000,044,633 | ---- | M] () -- C:\Users\Arcane\Desktop\Supernatural.s08e18.HDTV-LOL.srt
[2013.03.26 23:05:07 | 066,451,466 | ---- | M] () -- C:\Users\Arcane\Desktop\Family.Guy.S11E16.HDTV.x264-LOL.mp4
[2013.03.26 23:04:41 | 180,708,090 | ---- | M] () -- C:\Users\Arcane\Desktop\How.I.Met.Your.Mother.S08E20.HDTV.x264-LOL.mp4
[2013.03.26 16:29:26 | 000,036,568 | ---- | M] () -- C:\Users\Arcane\Desktop\How.I.Met.Your.Mother.S08E20.HDTV.x264-LOL.srt
[2013.03.25 12:12:55 | 000,037,787 | ---- | M] () -- C:\Users\Arcane\Desktop\Family.Guy.S11E16.HDTV.x264-LOL.srt
[2013.03.25 00:41:34 | 000,050,740 | ---- | M] () -- C:\Users\Arcane\Desktop\03x08 Separate Paths.srt
[2013.03.23 12:22:54 | 737,116,160 | ---- | M] () -- C:\Users\Arcane\Desktop\Mumie.Hrob.Draciho.cisare.2008.DVDRip.XviD.CZ-xXx.avi
[2013.03.23 11:21:32 | 466,982,860 | ---- | M] () -- C:\Users\Arcane\Desktop\03x08 Separate Paths.mp4
[2013.03.23 11:11:22 | 262,233,166 | ---- | M] () -- C:\Users\Arcane\Desktop\06x11 The Abby.mp4
[2013.03.23 01:03:06 | 000,026,738 | ---- | M] () -- C:\Users\Arcane\Desktop\06x11 The Abby.srt
[2013.03.22 18:09:09 | 230,871,929 | ---- | M] () -- C:\Users\Arcane\Desktop\08x17 Goodbye Stranger.mp4
[2013.03.21 22:12:36 | 000,047,104 | ---- | M] () -- C:\Users\Arcane\Desktop\08x17 Goodbye Stranger.srt
[2013.03.19 17:52:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.03.18 01:42:36 | 004,964,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.13 20:38:33 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 20:38:33 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.12 11:39:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.03.07 13:32:53 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.03.07 13:32:53 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.03.07 13:32:53 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.03.07 13:32:53 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.03.07 13:32:53 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
========== Files Created - No Company Name ==========
[2013.04.06 11:40:51 | 527,123,976 | ---- | C] () -- C:\Users\Arcane\Desktop\Spartacus.S03E09.HDTV.x264-EVOLVE.mp4
[2013.04.06 11:11:00 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.05 18:58:20 | 000,056,898 | ---- | C] () -- C:\Users\Arcane\Desktop\The.Big.Bang.Theory.S06E20.HDTV.x264-LOL.srt
[2013.04.05 12:37:52 | 000,041,284 | ---- | C] () -- C:\Users\Arcane\Desktop\Supernatural.S08E19.HDTV-LOL.srt
[2013.04.05 12:37:46 | 145,492,338 | ---- | C] () -- C:\Users\Arcane\Desktop\The.Big.Bang.Theory.S06E20.HDTV.x264-LOL.mp4
[2013.04.05 12:37:19 | 280,586,425 | ---- | C] () -- C:\Users\Arcane\Desktop\Supernatural.s08e19.HDTV-LOL.mp4
[2013.04.03 11:56:40 | 000,017,102 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2013.04.03 11:56:38 | 000,009,728 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2013.04.03 11:56:33 | 000,080,384 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2013.04.03 11:56:33 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013.04.03 11:56:30 | 000,223,492 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2013.04.03 11:56:30 | 000,194,121 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2013.04.03 11:56:30 | 000,144,637 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2013.04.03 11:56:30 | 000,142,876 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2013.04.03 11:56:30 | 000,141,833 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2013.04.03 11:56:30 | 000,137,880 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2013.04.03 11:56:30 | 000,126,294 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2013.04.03 11:56:30 | 000,124,662 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2013.04.03 11:56:30 | 000,000,268 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2013.04.03 11:56:29 | 000,209,986 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2013.04.03 11:56:29 | 000,166,124 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2013.04.03 11:56:29 | 000,158,986 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2013.04.03 11:56:29 | 000,149,649 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2013.04.03 11:56:29 | 000,147,360 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2013.04.03 11:56:29 | 000,147,269 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2013.04.03 11:56:29 | 000,145,974 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2013.04.03 11:56:29 | 000,145,470 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2013.04.03 11:56:29 | 000,144,235 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2013.04.03 11:56:29 | 000,143,989 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2013.04.03 11:56:29 | 000,143,916 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2013.04.03 11:56:29 | 000,143,249 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2013.04.03 11:56:29 | 000,142,682 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2013.04.03 11:56:29 | 000,142,267 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2013.04.03 11:56:29 | 000,141,998 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2013.04.03 11:56:29 | 000,141,038 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2013.04.03 11:56:29 | 000,137,793 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2013.04.03 11:56:29 | 000,137,132 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2013.04.03 11:56:29 | 000,132,623 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2013.04.03 11:56:20 | 000,042,719 | ---- | C] () -- C:\Windows\atiogl.xml
[2013.04.03 11:56:04 | 000,662,786 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013.04.03 11:56:03 | 003,093,792 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013.04.03 11:56:03 | 003,061,872 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013.04.03 11:56:03 | 000,327,960 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013.04.03 11:56:03 | 000,327,960 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013.04.02 21:32:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.04.02 21:29:00 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013.04.02 21:29:00 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013.04.02 21:29:00 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.04.02 21:29:00 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2013.04.02 21:29:00 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.04.02 21:29:00 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2013.04.02 21:29:00 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013.04.02 21:29:00 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2013.04.02 19:24:28 | 000,022,538 | ---- | C] () -- C:\Users\Arcane\Desktop\CALIFORNICATION S06E12 - I'll Lay My Monsters Down (AFG, 2HD, 720p).srt
[2013.04.02 19:24:09 | 289,437,180 | ---- | C] () -- C:\Users\Arcane\Desktop\Californication.S06E12.HDTV.x264-2HD.mp4
[2013.03.29 22:28:33 | 000,044,633 | ---- | C] () -- C:\Users\Arcane\Desktop\Supernatural.s08e18.HDTV-LOL.srt
[2013.03.29 22:28:27 | 249,498,843 | ---- | C] () -- C:\Users\Arcane\Desktop\Supernatural.s08e18.HDTV-LOL.mp4
[2013.03.26 23:05:05 | 000,036,568 | ---- | C] () -- C:\Users\Arcane\Desktop\How.I.Met.Your.Mother.S08E20.HDTV.x264-LOL.srt
[2013.03.26 23:05:01 | 000,037,787 | ---- | C] () -- C:\Users\Arcane\Desktop\Family.Guy.S11E16.HDTV.x264-LOL.srt
[2013.03.26 23:04:54 | 066,451,466 | ---- | C] () -- C:\Users\Arcane\Desktop\Family.Guy.S11E16.HDTV.x264-LOL.mp4
[2013.03.26 23:04:24 | 180,708,090 | ---- | C] () -- C:\Users\Arcane\Desktop\How.I.Met.Your.Mother.S08E20.HDTV.x264-LOL.mp4
[2013.03.25 02:09:44 | 000,050,740 | ---- | C] () -- C:\Users\Arcane\Desktop\03x08 Separate Paths.srt
[2013.03.23 12:20:45 | 737,116,160 | ---- | C] () -- C:\Users\Arcane\Desktop\Mumie.Hrob.Draciho.cisare.2008.DVDRip.XviD.CZ-xXx.avi
[2013.03.23 11:20:24 | 466,982,860 | ---- | C] () -- C:\Users\Arcane\Desktop\03x08 Separate Paths.mp4
[2013.03.23 11:16:26 | 000,026,738 | ---- | C] () -- C:\Users\Arcane\Desktop\06x11 The Abby.srt
[2013.03.23 11:10:47 | 262,233,166 | ---- | C] () -- C:\Users\Arcane\Desktop\06x11 The Abby.mp4
[2013.03.22 18:08:20 | 000,047,104 | ---- | C] () -- C:\Users\Arcane\Desktop\08x17 Goodbye Stranger.srt
[2013.03.22 18:08:14 | 230,871,929 | ---- | C] () -- C:\Users\Arcane\Desktop\08x17 Goodbye Stranger.mp4
[2013.03.19 17:52:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.03.17 15:28:45 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.03.01 12:54:46 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.03.01 12:54:46 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.03.01 12:54:46 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013.03.01 12:54:35 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.02.25 19:02:59 | 000,000,600 | ---- | C] () -- C:\Users\Arcane\AppData\Roaming\winscp.rnd
[2013.02.24 12:25:00 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013.02.24 04:05:12 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2013.02.24 04:05:11 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2013.02.24 04:05:10 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2013.02.24 04:04:29 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012.12.14 03:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.12.14 03:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe
========== ZeroAccess Check ==========
[2009.07.14 07:00:09 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:46 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.04.03 16:13:29 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\abgx360
[2013.03.05 22:43:05 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Canneverbe Limited
[2013.04.01 18:41:53 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\DAEMON Tools Lite
[2013.03.19 11:13:08 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\ManyCam
[2013.02.24 13:43:30 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\NetBeans
[2013.02.24 04:13:49 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Opera
[2013.02.24 12:06:52 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\QIP
[2013.02.24 14:21:17 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Subversion
[2013.03.17 15:29:15 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\TeamViewer
[2013.03.20 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\TS3Client
[2013.04.03 21:22:57 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\uTorrent
[2013.04.01 19:01:11 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\XnView
========== Purity Check ==========
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Arcane\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,95 Gb Total Physical Memory | 4,52 Gb Available Physical Memory | 56,90% Memory free
15,89 Gb Paging File | 12,70 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 85,47 Gb Total Space | 15,68 Gb Free Space | 18,34% Space Free | Partition Type: NTFS
Drive D: | 612,96 Gb Total Space | 104,38 Gb Free Space | 17,03% Space Free | Partition Type: NTFS
Computer Name: ARCANE-PC | User Name: Arcane | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.06 11:06:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Arcane\Desktop\OTL.exe
PRC - [2013.03.07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.01.10 19:58:46 | 008,378,408 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2012\qip.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.17 19:29:39 | 000,544,248 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2010.12.21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.17 03:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
========== Modules (No Company Name) ==========
MOD - [2013.02.12 10:31:06 | 002,010,624 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
MOD - [2013.02.12 10:31:06 | 001,241,088 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2013.01.28 14:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.01.28 14:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013.01.10 19:59:26 | 000,878,632 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\Social\Social.dll
MOD - [2013.01.10 19:59:22 | 000,519,208 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\MRA.dll
MOD - [2013.01.10 19:59:08 | 001,072,168 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\InfICQ\InfICQ.dll
MOD - [2013.01.10 19:58:50 | 004,663,848 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Core\voip.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.12.19 20:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.13 20:38:33 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.28 13:14:40 | 000,277,640 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 12:08:50 | 002,466,304 | ---- | M] (LogMeIn Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.10.17 19:29:39 | 000,544,248 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2010.12.21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.03.07 01:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.03.07 01:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.03.07 01:33:21 | 000,178,624 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.03.07 01:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.03.07 01:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.03.07 01:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.02.24 11:59:01 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.01.31 11:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012.12.19 21:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 20:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.12.12 16:42:28 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2012.12.12 16:42:28 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.10.17 19:13:36 | 000,027,048 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2012.10.17 19:11:37 | 000,107,432 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2012.10.11 05:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.06.19 07:40:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.04.08 03:59:58 | 001,430,576 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.14 06:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010.12.10 07:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 07:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.24 12:33:26 | 002,673,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.21 05:24:15 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:24:15 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.10.21 08:57:30 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.09.30 10:45:22 | 000,299,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000..\Run: [Infium] C:\Program Files (x86)\QIP 2012\qip.exe (QIP)
O4 - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63A003E5-66FA-43BD-A77D-53D461F35D6A}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.04.06 11:06:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Arcane\Desktop\OTL.exe
[2013.04.06 02:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.04.06 02:49:16 | 000,000,000 | ---D | C] -- C:\rsit
[2013.04.03 16:13:28 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\abgx360
[2013.04.03 15:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\abgx360
[2013.04.03 15:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\abgx360
[2013.04.03 12:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.04.03 12:02:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.04.03 12:02:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.04.03 11:56:39 | 000,512,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2013.04.03 11:56:39 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2013.04.03 11:56:39 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2013.04.03 11:56:39 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2013.04.03 11:56:39 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2013.04.03 11:56:39 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2013.04.03 11:56:39 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2013.04.03 11:56:39 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2013.04.03 11:56:39 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2013.04.03 11:56:39 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2013.04.03 11:56:39 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2013.04.03 11:56:39 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2013.04.03 11:56:39 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2013.04.03 11:56:39 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2013.04.03 11:56:39 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2013.04.03 11:56:39 | 000,431,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2013.04.03 11:56:39 | 000,410,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2013.04.03 11:56:39 | 000,172,168 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2013.04.03 11:56:38 | 003,511,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2013.04.03 11:56:38 | 003,121,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2013.04.03 11:56:38 | 000,640,512 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2013.04.03 11:56:38 | 000,518,656 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2013.04.03 11:56:38 | 000,483,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfx11cmrt64.dll
[2013.04.03 11:56:38 | 000,441,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2013.04.03 11:56:38 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2013.04.03 11:56:38 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2013.04.03 11:56:38 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2013.04.03 11:56:38 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2013.04.03 11:56:38 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2013.04.03 11:56:38 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2013.04.03 11:56:38 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2013.04.03 11:56:38 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2013.04.03 11:56:38 | 000,330,752 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2013.04.03 11:56:38 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2013.04.03 11:56:38 | 000,255,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2013.04.03 11:56:38 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2013.04.03 11:56:38 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2013.04.03 11:56:38 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2013.04.03 11:56:38 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2013.04.03 11:56:37 | 000,459,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfx11cmrt32.dll
[2013.04.03 11:56:35 | 005,353,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdpmd64.sys
[2013.04.03 11:56:35 | 005,353,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2013.04.03 11:56:32 | 011,174,912 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2013.04.03 11:56:31 | 013,030,400 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2013.04.03 11:56:30 | 010,812,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2013.04.03 11:56:30 | 005,906,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2013.04.03 11:56:30 | 000,400,008 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2013.04.03 11:56:30 | 000,175,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2013.04.03 11:56:29 | 000,185,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2013.04.03 11:56:20 | 000,552,960 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013.04.03 11:56:19 | 011,278,336 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013.04.03 11:56:11 | 000,550,912 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013.04.03 11:56:11 | 000,240,640 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013.04.03 11:56:11 | 000,163,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013.04.03 11:56:10 | 005,087,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013.04.03 11:56:10 | 004,162,048 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013.04.03 11:56:10 | 000,109,568 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013.04.03 11:56:09 | 018,982,400 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013.04.03 11:56:09 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013.04.03 11:56:08 | 023,461,376 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013.04.03 11:56:08 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013.04.03 11:56:08 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013.04.03 11:56:08 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013.04.03 11:56:08 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013.04.03 11:56:08 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013.04.03 11:56:08 | 000,041,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013.04.03 11:56:08 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013.04.03 11:56:08 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013.04.03 11:56:08 | 000,017,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013.04.03 11:56:08 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013.04.03 11:56:07 | 006,681,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013.04.03 11:56:07 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013.04.03 11:56:07 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013.04.03 11:56:06 | 016,082,944 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013.04.03 11:56:06 | 013,703,168 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013.04.03 11:56:06 | 000,421,888 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013.04.03 11:56:06 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013.04.03 11:56:06 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013.04.03 11:56:05 | 000,619,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013.04.03 11:56:05 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013.04.03 11:56:05 | 000,070,144 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_9.012.dll
[2013.04.03 11:56:05 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013.04.03 11:56:05 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013.04.02 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\ATI
[2013.04.02 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Local\ATI
[2013.04.02 21:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.04.02 21:33:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013.04.02 21:33:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013.04.02 21:30:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.04.02 21:30:41 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.04.02 21:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.04.02 21:29:40 | 000,342,528 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2013.04.02 21:29:40 | 000,016,896 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2013.04.02 21:29:36 | 000,277,640 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2013.04.02 21:29:32 | 012,615,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2013.04.02 21:29:09 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2013.04.02 21:29:08 | 005,630,200 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013.04.02 21:29:08 | 000,130,048 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013.04.02 21:29:07 | 006,786,560 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013.04.02 21:29:07 | 000,104,448 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013.04.02 21:29:07 | 000,083,968 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013.04.02 21:29:05 | 007,370,752 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013.04.02 21:29:05 | 001,151,488 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013.04.02 21:29:05 | 000,960,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013.04.02 21:29:00 | 000,000,000 | ---D | C] -- C:\Drivers
[2013.04.01 18:36:43 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\XnView
[2013.04.01 18:36:25 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[2013.03.30 22:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.30 22:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.30 22:29:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.30 17:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2013.03.30 17:37:58 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\uTorrent
[2013.03.26 10:53:36 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Local\Cisco
[2013.03.26 10:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2013.03.26 10:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco
[2013.03.26 10:53:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2013.03.22 17:36:36 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.19 19:01:56 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Local\libimobiledevice
[2013.03.17 15:28:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.03.16 15:39:49 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Local\ManyCam
[2013.03.16 15:39:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ManyCam
[2013.03.16 15:39:48 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\ManyCam
[2013.03.16 15:39:45 | 000,044,928 | ---- | C] (ManyCam LLC) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys
[2013.03.16 15:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013.03.16 15:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManyCam
[2013.03.15 21:03:38 | 000,000,000 | ---D | C] -- C:\Users\Arcane\AppData\Roaming\TeamViewer
[2013.03.14 11:38:30 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.14 11:38:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.14 11:38:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.14 11:38:30 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.14 11:38:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.14 11:38:29 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.14 11:38:29 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.14 11:38:29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.14 11:38:28 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.14 11:38:28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.14 11:38:28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.14 11:38:28 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.14 11:38:26 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.14 11:38:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.14 11:38:25 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.13 22:27:37 | 000,000,000 | ---D | C] -- C:\Users\Arcane\Documents\StarCraft II
[2013.03.13 20:11:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013.03.13 20:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013.03.07 13:33:01 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.03.07 13:32:56 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.03.07 13:32:56 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.03.07 13:32:56 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
========== Files - Modified Within 30 Days ==========
[2013.04.06 11:44:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.06 11:42:26 | 527,123,976 | ---- | M] () -- C:\Users\Arcane\Desktop\Spartacus.S03E09.HDTV.x264-EVOLVE.mp4
[2013.04.06 11:38:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.06 11:06:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Arcane\Desktop\OTL.exe
[2013.04.06 08:00:08 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
[2013.04.06 02:36:28 | 000,028,160 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 02:36:28 | 000,028,160 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 02:35:14 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.06 02:35:14 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.04.06 02:35:14 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.06 02:35:14 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.04.06 02:35:14 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.06 02:28:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.06 02:28:39 | 2103,332,863 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.06 02:16:53 | 000,000,600 | ---- | M] () -- C:\Users\Arcane\AppData\Roaming\winscp.rnd
[2013.04.05 17:41:23 | 000,056,898 | ---- | M] () -- C:\Users\Arcane\Desktop\The.Big.Bang.Theory.S06E20.HDTV.x264-LOL.srt
[2013.04.05 12:38:17 | 145,492,338 | ---- | M] () -- C:\Users\Arcane\Desktop\The.Big.Bang.Theory.S06E20.HDTV.x264-LOL.mp4
[2013.04.05 12:38:09 | 280,586,425 | ---- | M] () -- C:\Users\Arcane\Desktop\Supernatural.s08e19.HDTV-LOL.mp4
[2013.04.04 20:41:34 | 000,041,284 | ---- | M] () -- C:\Users\Arcane\Desktop\Supernatural.S08E19.HDTV-LOL.srt
[2013.04.02 21:32:43 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013.04.02 19:24:48 | 289,437,180 | ---- | M] () -- C:\Users\Arcane\Desktop\Californication.S06E12.HDTV.x264-2HD.mp4
[2013.04.02 13:45:36 | 000,022,538 | ---- | M] () -- C:\Users\Arcane\Desktop\CALIFORNICATION S06E12 - I'll Lay My Monsters Down (AFG, 2HD, 720p).srt
[2013.03.29 22:33:29 | 249,498,843 | ---- | M] () -- C:\Users\Arcane\Desktop\Supernatural.s08e18.HDTV-LOL.mp4
[2013.03.28 21:25:24 | 000,044,633 | ---- | M] () -- C:\Users\Arcane\Desktop\Supernatural.s08e18.HDTV-LOL.srt
[2013.03.26 23:05:07 | 066,451,466 | ---- | M] () -- C:\Users\Arcane\Desktop\Family.Guy.S11E16.HDTV.x264-LOL.mp4
[2013.03.26 23:04:41 | 180,708,090 | ---- | M] () -- C:\Users\Arcane\Desktop\How.I.Met.Your.Mother.S08E20.HDTV.x264-LOL.mp4
[2013.03.26 16:29:26 | 000,036,568 | ---- | M] () -- C:\Users\Arcane\Desktop\How.I.Met.Your.Mother.S08E20.HDTV.x264-LOL.srt
[2013.03.25 12:12:55 | 000,037,787 | ---- | M] () -- C:\Users\Arcane\Desktop\Family.Guy.S11E16.HDTV.x264-LOL.srt
[2013.03.25 00:41:34 | 000,050,740 | ---- | M] () -- C:\Users\Arcane\Desktop\03x08 Separate Paths.srt
[2013.03.23 12:22:54 | 737,116,160 | ---- | M] () -- C:\Users\Arcane\Desktop\Mumie.Hrob.Draciho.cisare.2008.DVDRip.XviD.CZ-xXx.avi
[2013.03.23 11:21:32 | 466,982,860 | ---- | M] () -- C:\Users\Arcane\Desktop\03x08 Separate Paths.mp4
[2013.03.23 11:11:22 | 262,233,166 | ---- | M] () -- C:\Users\Arcane\Desktop\06x11 The Abby.mp4
[2013.03.23 01:03:06 | 000,026,738 | ---- | M] () -- C:\Users\Arcane\Desktop\06x11 The Abby.srt
[2013.03.22 18:09:09 | 230,871,929 | ---- | M] () -- C:\Users\Arcane\Desktop\08x17 Goodbye Stranger.mp4
[2013.03.21 22:12:36 | 000,047,104 | ---- | M] () -- C:\Users\Arcane\Desktop\08x17 Goodbye Stranger.srt
[2013.03.19 17:52:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.03.18 01:42:36 | 004,964,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.13 20:38:33 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 20:38:33 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.12 11:39:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.03.07 13:32:53 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.03.07 13:32:53 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.03.07 13:32:53 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.03.07 13:32:53 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.03.07 13:32:53 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
========== Files Created - No Company Name ==========
[2013.04.06 11:40:51 | 527,123,976 | ---- | C] () -- C:\Users\Arcane\Desktop\Spartacus.S03E09.HDTV.x264-EVOLVE.mp4
[2013.04.06 11:11:00 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.05 18:58:20 | 000,056,898 | ---- | C] () -- C:\Users\Arcane\Desktop\The.Big.Bang.Theory.S06E20.HDTV.x264-LOL.srt
[2013.04.05 12:37:52 | 000,041,284 | ---- | C] () -- C:\Users\Arcane\Desktop\Supernatural.S08E19.HDTV-LOL.srt
[2013.04.05 12:37:46 | 145,492,338 | ---- | C] () -- C:\Users\Arcane\Desktop\The.Big.Bang.Theory.S06E20.HDTV.x264-LOL.mp4
[2013.04.05 12:37:19 | 280,586,425 | ---- | C] () -- C:\Users\Arcane\Desktop\Supernatural.s08e19.HDTV-LOL.mp4
[2013.04.03 11:56:40 | 000,017,102 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2013.04.03 11:56:38 | 000,009,728 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2013.04.03 11:56:33 | 000,080,384 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2013.04.03 11:56:33 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013.04.03 11:56:30 | 000,223,492 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2013.04.03 11:56:30 | 000,194,121 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2013.04.03 11:56:30 | 000,144,637 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2013.04.03 11:56:30 | 000,142,876 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2013.04.03 11:56:30 | 000,141,833 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2013.04.03 11:56:30 | 000,137,880 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2013.04.03 11:56:30 | 000,126,294 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2013.04.03 11:56:30 | 000,124,662 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2013.04.03 11:56:30 | 000,000,268 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2013.04.03 11:56:29 | 000,209,986 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2013.04.03 11:56:29 | 000,166,124 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2013.04.03 11:56:29 | 000,158,986 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2013.04.03 11:56:29 | 000,149,649 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2013.04.03 11:56:29 | 000,147,360 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2013.04.03 11:56:29 | 000,147,269 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2013.04.03 11:56:29 | 000,145,974 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2013.04.03 11:56:29 | 000,145,470 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2013.04.03 11:56:29 | 000,144,235 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2013.04.03 11:56:29 | 000,143,989 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2013.04.03 11:56:29 | 000,143,916 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2013.04.03 11:56:29 | 000,143,249 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2013.04.03 11:56:29 | 000,142,682 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2013.04.03 11:56:29 | 000,142,267 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2013.04.03 11:56:29 | 000,141,998 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2013.04.03 11:56:29 | 000,141,038 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2013.04.03 11:56:29 | 000,137,793 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2013.04.03 11:56:29 | 000,137,132 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2013.04.03 11:56:29 | 000,132,623 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2013.04.03 11:56:20 | 000,042,719 | ---- | C] () -- C:\Windows\atiogl.xml
[2013.04.03 11:56:04 | 000,662,786 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013.04.03 11:56:03 | 003,093,792 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013.04.03 11:56:03 | 003,061,872 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013.04.03 11:56:03 | 000,327,960 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013.04.03 11:56:03 | 000,327,960 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013.04.02 21:32:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.04.02 21:29:00 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013.04.02 21:29:00 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013.04.02 21:29:00 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.04.02 21:29:00 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2013.04.02 21:29:00 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.04.02 21:29:00 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2013.04.02 21:29:00 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013.04.02 21:29:00 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2013.04.02 19:24:28 | 000,022,538 | ---- | C] () -- C:\Users\Arcane\Desktop\CALIFORNICATION S06E12 - I'll Lay My Monsters Down (AFG, 2HD, 720p).srt
[2013.04.02 19:24:09 | 289,437,180 | ---- | C] () -- C:\Users\Arcane\Desktop\Californication.S06E12.HDTV.x264-2HD.mp4
[2013.03.29 22:28:33 | 000,044,633 | ---- | C] () -- C:\Users\Arcane\Desktop\Supernatural.s08e18.HDTV-LOL.srt
[2013.03.29 22:28:27 | 249,498,843 | ---- | C] () -- C:\Users\Arcane\Desktop\Supernatural.s08e18.HDTV-LOL.mp4
[2013.03.26 23:05:05 | 000,036,568 | ---- | C] () -- C:\Users\Arcane\Desktop\How.I.Met.Your.Mother.S08E20.HDTV.x264-LOL.srt
[2013.03.26 23:05:01 | 000,037,787 | ---- | C] () -- C:\Users\Arcane\Desktop\Family.Guy.S11E16.HDTV.x264-LOL.srt
[2013.03.26 23:04:54 | 066,451,466 | ---- | C] () -- C:\Users\Arcane\Desktop\Family.Guy.S11E16.HDTV.x264-LOL.mp4
[2013.03.26 23:04:24 | 180,708,090 | ---- | C] () -- C:\Users\Arcane\Desktop\How.I.Met.Your.Mother.S08E20.HDTV.x264-LOL.mp4
[2013.03.25 02:09:44 | 000,050,740 | ---- | C] () -- C:\Users\Arcane\Desktop\03x08 Separate Paths.srt
[2013.03.23 12:20:45 | 737,116,160 | ---- | C] () -- C:\Users\Arcane\Desktop\Mumie.Hrob.Draciho.cisare.2008.DVDRip.XviD.CZ-xXx.avi
[2013.03.23 11:20:24 | 466,982,860 | ---- | C] () -- C:\Users\Arcane\Desktop\03x08 Separate Paths.mp4
[2013.03.23 11:16:26 | 000,026,738 | ---- | C] () -- C:\Users\Arcane\Desktop\06x11 The Abby.srt
[2013.03.23 11:10:47 | 262,233,166 | ---- | C] () -- C:\Users\Arcane\Desktop\06x11 The Abby.mp4
[2013.03.22 18:08:20 | 000,047,104 | ---- | C] () -- C:\Users\Arcane\Desktop\08x17 Goodbye Stranger.srt
[2013.03.22 18:08:14 | 230,871,929 | ---- | C] () -- C:\Users\Arcane\Desktop\08x17 Goodbye Stranger.mp4
[2013.03.19 17:52:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.03.17 15:28:45 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.03.01 12:54:46 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.03.01 12:54:46 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.03.01 12:54:46 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013.03.01 12:54:35 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.02.25 19:02:59 | 000,000,600 | ---- | C] () -- C:\Users\Arcane\AppData\Roaming\winscp.rnd
[2013.02.24 12:25:00 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013.02.24 04:05:12 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2013.02.24 04:05:11 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2013.02.24 04:05:10 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2013.02.24 04:04:29 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012.12.14 03:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.12.14 03:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe
========== ZeroAccess Check ==========
[2009.07.14 07:00:09 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:46 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.04.03 16:13:29 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\abgx360
[2013.03.05 22:43:05 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Canneverbe Limited
[2013.04.01 18:41:53 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\DAEMON Tools Lite
[2013.03.19 11:13:08 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\ManyCam
[2013.02.24 13:43:30 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\NetBeans
[2013.02.24 04:13:49 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Opera
[2013.02.24 12:06:52 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\QIP
[2013.02.24 14:21:17 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Subversion
[2013.03.17 15:29:15 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\TeamViewer
[2013.03.20 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\TS3Client
[2013.04.03 21:22:57 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\uTorrent
[2013.04.01 19:01:11 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\XnView
========== Purity Check ==========
Re: Prosím o preventivku
========== Custom Scans ==========
< >
[2009.07.14 07:08:02 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:02 | 000,016,552 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.02.24 12:00:14 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.02.24 15:12:31 | 000,000,548 | ---- | C] () -- C:\Windows\Tasks\MATLAB R2011b Startup Accelerator.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:48 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:48 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:24:20 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:24:20 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:24:15 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:24:15 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:24:15 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010.11.21 05:24:43 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.21 05:24:57 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2010.01.27 00:29:28 | 000,028,797 | ---- | M] () MD5=4571E750E4A920D773511F50A2E62A20 -- C:\Program Files\MATLAB\R2011b\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:46 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:35 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:32 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:32 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.21 05:24:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:24:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:24:21 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:27 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:27 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:34 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:34 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:24:15 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:24:15 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:24:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:24:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 05:24:20 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:24:20 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:57 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:57 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 05:24:34 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:24:20 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:24:20 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:50 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:50 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:50 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:50 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:50 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:50 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:24:20 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:24:20 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.04.03 16:13:29 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\abgx360
[2013.02.26 10:02:58 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Adobe
[2013.02.24 17:46:26 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Apple Computer
[2013.04.02 21:37:35 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\ATI
[2013.03.05 22:43:05 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Canneverbe Limited
[2013.04.01 18:41:53 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\DAEMON Tools Lite
[2013.02.24 03:45:56 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Identities
[2013.02.24 03:51:35 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\InstallShield
[2013.02.24 12:04:04 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Macromedia
[2013.03.19 11:13:08 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\ManyCam
[2013.02.24 15:13:46 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\MathWorks
[2013.04.03 21:22:57 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Media Player Classic
[2013.04.02 19:26:19 | 000,000,000 | --SD | M] -- C:\Users\Arcane\AppData\Roaming\Microsoft
[2013.02.24 13:43:30 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\NetBeans
[2013.02.24 04:13:49 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Opera
[2013.03.05 10:02:23 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\PSpad
[2013.02.24 12:06:52 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\QIP
[2013.04.06 11:53:40 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Skype
[2013.02.24 14:21:17 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Subversion
[2013.03.17 15:29:15 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\TeamViewer
[2013.03.20 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\TS3Client
[2013.04.03 21:22:57 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\uTorrent
[2013.04.05 20:19:27 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Winamp
[2013.02.24 04:01:00 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\WinRAR
[2013.04.01 19:01:11 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\XnView
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.04.06 02:31:10 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.02.28 19:50:02 | 018,642,024 | R--- | M] (Skype Technologies S.A.)
"AdobeBridge" =
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe
"Infium" = "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun -- [2013.01.10 19:58:46 | 008,378,408 | ---- | M] (QIP)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.06 11:44:40 | 000,000,512 | ---- | M] () MD5=4DD3A7497339F90D1CAD620A693FBBA6 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2013.03.10 15:50:53 | 000,004,125 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\CrackedCom.class
< *keygen* /s >
< *loader* /s >
[2012.10.17 19:29:47 | 000,887,800 | ---- | M] () -- \Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpndownloader.exe
[2012.10.17 19:29:47 | 000,887,800 | ---- | M] () -- \Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpndownloader.exe
[2012.02.23 00:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.23 00:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.23 00:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.01.28 14:08:40 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2010.10.07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.05.22 09:43:16 | 000,214,528 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.exe
[2012.05.22 09:43:16 | 000,593,293 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.jar
[2012.05.22 09:43:16 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderBETA.exe
[2012.05.22 09:43:16 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderD3D.exe
[2012.05.22 09:43:16 | 000,219,264 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderPortable.exe
[2013.03.05 14:29:07 | 000,000,105 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2013.03.05 14:30:38 | 000,011,071 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2013.03.05 14:30:30 | 000,004,584 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2013.03.05 14:30:07 | 000,007,073 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\UploaderPl.class
[2012.05.22 09:43:16 | 000,032,222 | ---- | M] () -- \Program Files (x86)\JDownloader\licenses\jdownloader.license
[2013.02.12 10:35:34 | 000,160,480 | ---- | M] () -- \Program Files (x86)\ManyCam\Bin\effectsdownloader.exe
[2012.03.13 13:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 11:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2010.10.07 05:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.02.24 13:31:05 | 000,000,948 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013.02.24 13:31:06 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2013.02.24 13:31:08 | 001,170,520 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\modules\org-openide-loaders.jar
[2013.02.24 13:31:07 | 000,006,244 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2013.02.24 13:31:07 | 000,005,873 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013.02.24 13:31:09 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2011.07.08 16:53:48 | 000,000,816 | ---- | M] () -- \Program Files\MATLAB\R2011b\bin\registry\dotnetcli_loader.xml
[2011.08.14 00:39:38 | 000,008,704 | ---- | M] () -- \Program Files\MATLAB\R2011b\bin\win64\dotnetcli_loader.dll
[2009.09.21 07:46:08 | 000,015,003 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\AutoLoader.pm
[2005.09.12 14:21:36 | 000,000,727 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\ByteLoader.pm
[2010.01.26 23:16:30 | 000,027,274 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\DynaLoader.pm
[2008.10.25 15:58:38 | 000,017,776 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\SelfLoader.pm
[2010.01.26 23:16:30 | 000,010,882 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\XSLoader.pm
[2010.01.26 23:18:04 | 000,032,875 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.dll
[2008.06.07 08:04:56 | 000,001,378 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\Locale\Maketext\GutsLoader.pm
[2008.10.08 13:14:06 | 000,000,257 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\local\classloader.txt
[2013.02.14 00:05:45 | 000,002,941 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013.02.14 00:05:45 | 000,000,411 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\config\Modules\org-openide-loaders.xml
[2013.02.24 13:31:31 | 001,403,031 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\org-openide-loaders.jar
[2013.02.24 13:31:26 | 000,007,123 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_ja.jar
[2013.02.24 13:31:25 | 000,006,548 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_pt_BR.jar
[2013.02.24 13:31:26 | 000,007,647 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_ru.jar
[2013.02.24 13:31:25 | 000,006,744 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013.02.24 13:32:52 | 000,000,799 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\update_tracking\org-openide-loaders.xml
[2012.06.09 20:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.03.05 14:28:12 | 000,001,949 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2013.03.05 14:28:12 | 000,001,928 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.03.05 14:28:12 | 000,002,005 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.01.23 11:31:10 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.01.23 11:31:10 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.01.23 11:31:10 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.03.05 14:28:12 | 000,001,949 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2013.03.05 14:28:12 | 000,001,928 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.03.05 14:28:12 | 000,002,005 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.01.23 11:31:10 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.01.23 11:31:10 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.01.23 11:31:10 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.03.05 14:26:00 | 000,000,914 | ---- | M] () -- \Users\Arcane\AppData\Local\Opera\Opera x64\icons\http%3A%2F%2Fjdownloader.org%2Flib%2Ftpl%2Farctic%2Fimages%2Ffavicon.png
[2013.02.25 20:02:26 | 000,011,558 | ---- | M] () -- \Users\Arcane\AppData\Local\Opera\Opera x64\widgets\youtube-downloader-2-1.7.2-1.oex
[2013.03.05 14:28:19 | 000,002,005 | ---- | M] () -- \Users\Arcane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2013.04.03 21:27:05 | 000,286,369 | ---- | M] () -- \Users\Arcane\AppData\Roaming\NetBeans\7.3\update\download\org-openide-loaders.nbm
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 11:03:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 11:03:05 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 11:03:05 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 11:03:05 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 11:03:05 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.02.24 04:21:08 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.02.24 04:21:08 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.02.24 04:21:08 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.02.24 04:21:08 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.02.24 04:21:08 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 11:01:55 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:17:59 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
[2005.05.27 10:14:24 | 000,000,716 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\timeseries\@tsexplorer\@node\constructNodePath.m
[2005.05.27 10:14:26 | 000,000,419 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\timeseries\@tsexplorer\@node\getParentNode.m
[2005.06.27 19:03:18 | 000,000,116 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\timeseries\@tsguis\@tshistnode\tshistnode.m
[2008.08.20 19:00:22 | 000,001,295 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\timeseries\@tsguis\@tsparentnode\tsparentnode.m
[2011.07.08 15:40:30 | 000,000,225 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\shared\rptgen\@rpt_xml\@document\createTextNode.p
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2013.01.24 20:09:36 | 000,434,264 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013.03.31 20:10:52 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 11:02:47 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.02.24 13:31:02 | 000,015,232 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\bin\serialver.exe
[2013.02.24 15:12:38 | 000,000,672 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\components\matlab_serial_resources_retail_common 4020370487462499627.xml
[2013.02.24 15:12:38 | 000,000,651 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\components\rs232_serial_retail_common 5886484713713814274.xml
[2013.02.24 15:12:38 | 000,000,513 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\components\rs232_serial_retail_win64 4422645862260718839.xml
[2013.02.24 15:12:39 | 000,001,583 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\files\matlab_serial_resources_retail_common_manifest.bin
[2013.02.24 15:12:39 | 000,002,140 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\files\rs232_serial_retail_common_manifest.bin
[2013.02.24 15:12:39 | 000,002,347 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\files\rs232_serial_retail_win64_manifest.bin
[2011.07.08 15:03:04 | 000,278,016 | ---- | M] () -- \Program Files\MATLAB\R2011b\bin\win64\boost_serialization-vc90-mt-1_44.dll
[2011.07.08 15:03:04 | 000,181,760 | ---- | M] () -- \Program Files\MATLAB\R2011b\bin\win64\boost_wserialization-vc90-mt-1_44.dll
[2011.07.08 14:31:04 | 000,233,984 | ---- | M] () -- \Program Files\MATLAB\R2011b\bin\win64\rxtxSerial.dll
[2010.11.08 15:33:18 | 000,000,190 | ---- | M] () -- \Program Files\MATLAB\R2011b\resources\MATLAB\en\Serialize.xml
[2011.05.10 15:39:20 | 000,000,493 | ---- | M] () -- \Program Files\MATLAB\R2011b\resources\MATLAB\en\serial\serial.xml
[2011.05.10 15:39:20 | 000,000,426 | ---- | M] () -- \Program Files\MATLAB\R2011b\resources\MATLAB\en\serial\serialbreak.xml
[2011.07.08 13:39:38 | 000,000,405 | ---- | M] () -- \Program Files\MATLAB\R2011b\resources\MATLAB\ja_JP\Serialize.xml
[2005.06.21 15:29:20 | 000,000,429 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\graph2d\@graph2d\@functionline\postdeserialize.m
[2007.03.03 00:45:00 | 000,000,313 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\graphics\@graphics\@datacursormanager\clearDatatipSerialization.m
[2007.05.29 17:13:56 | 000,001,469 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\graphics\@graphics\@datacursormanager\deserializeDatatips.m
[2007.03.03 00:45:04 | 000,001,017 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\graphics\@graphics\@datacursormanager\serializeDatatips.m
[2004.04.10 19:27:36 | 000,000,107 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\graphics\@graphics\@datatip\postdeserialize.m
[2011.05.10 16:05:16 | 000,006,485 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\iofun\@serial\serial.m
[2011.05.10 16:05:16 | 000,001,836 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\iofun\@serial\serialbreak.m
[2004.12.29 13:00:58 | 000,001,613 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\iofun\@serial\ja\serial.m
[2004.12.29 13:00:58 | 000,001,182 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\iofun\@serial\ja\serialbreak.m
[2005.06.21 15:36:46 | 000,000,308 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@colorbar\postserialize.m
[2005.06.21 15:36:46 | 000,000,552 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@colorbar\preserialize.m
[2007.09.27 18:47:40 | 000,000,439 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@legend\postserialize.m
[2007.09.27 18:47:40 | 000,000,773 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@legend\preserialize.m
[2006.10.09 22:23:52 | 000,000,787 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeaxes\postdeserialize.m
[2006.12.20 03:17:56 | 000,000,651 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribegrid\postdeserialize.m
[2006.11.29 17:52:08 | 000,002,181 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject\postdeserialize.m
[2011.03.07 01:26:58 | 000,000,225 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject\postDeserializePins.m
[2006.10.09 22:24:14 | 000,000,280 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject\postserialize.m
[2006.10.09 22:24:16 | 000,000,281 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject\preserialize.m
[2006.10.09 22:24:26 | 000,000,336 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject1D\postDeserializePins.m
[2006.10.09 22:24:34 | 000,000,288 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject2D\postDeserializePins.m
[2006.12.20 03:17:56 | 000,000,559 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeuaxes\postdeserialize.m
[2005.09.12 15:00:38 | 000,000,796 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\private\colorbarpostdeserialize.m
[2006.10.09 22:25:12 | 000,001,800 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\private\legendpostdeserialize.m
[2004.04.10 19:31:04 | 000,000,257 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@areaseries\postdeserialize.m
[2007.04.20 16:12:58 | 000,001,814 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@barseries\postdeserialize.m
[2007.03.03 00:45:28 | 000,000,267 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@barseries\postserialize.m
[2007.03.03 00:45:28 | 000,000,354 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@barseries\preserialize.m
[2004.04.10 19:31:16 | 000,000,147 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@contourgroup\postdeserialize.m
[2004.04.10 19:31:20 | 000,000,261 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@errorbarseries\postdeserialize.m
[2004.04.10 19:31:22 | 000,000,260 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@quivergroup\postdeserialize.m
[2004.04.10 19:31:24 | 000,000,147 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@scattergroup\postdeserialize.m
[2004.04.10 19:31:30 | 000,000,254 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@stairseries\postdeserialize.m
[2004.04.10 19:32:04 | 000,000,447 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@stemseries\postdeserialize.m
[2013.01.24 22:32:40 | 000,434,264 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013.03.31 20:11:30 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 11:02:47 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.02.24 15:00:57 | 000,013,312 | ---- | M] () -- \Users\Arcane\AppData\Local\Apps\2.0\V58KLMTP.MA7\CGJQC7TG.9B8\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Curse.CurseClient.Common.XmlSerializers.dll
[2013.02.24 15:01:11 | 000,001,079 | ---- | M] () -- \Users\Arcane\AppData\Local\Apps\2.0\V58KLMTP.MA7\CGJQC7TG.9B8\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Curse.CurseClient.Common.XmlSerializers.manifest
[2013.02.24 15:00:57 | 000,013,312 | ---- | M] () -- \Users\Arcane\AppData\Local\Apps\2.0\V58KLMTP.MA7\CGJQC7TG.9B8\curs..zers_c85bb4cad3a5dfb5_0001.0000_none_311750f664a5eb21\Curse.CurseClient.Common.XmlSerializers.dll
[2013.03.16 14:33:38 | 000,000,581 | ---- | M] () -- \Users\Arcane\AppData\Local\Opera\Opera x64\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2011.04.12 11:02:41 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.24 21:52:27 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.02.24 14:07:41 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.24 14:48:22 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013.02.24 14:47:46 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.25 00:09:47 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.25 00:09:43 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013.02.25 01:33:00 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2013.02.24 19:19:28 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a3a3ccd41789ba4eb01f51db6c508222\System.Runtime.Serialization.ni.dll
[2013.02.24 19:19:38 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.24 21:51:50 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2013.02.24 11:56:52 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.02.24 12:26:06 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.02.24 11:56:51 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.02.24 12:26:06 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.24 12:26:09 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 11:02:42 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 11:02:40 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.04.12 11:02:37 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.04.12 11:02:37 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.04.12 11:02:40 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 11:02:42 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.04.12 11:02:47 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.04.12 11:02:43 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:25:21 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:25:21 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013.02.24 04:21:08 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.02.24 04:21:08 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.04.12 11:03:05 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.04.12 11:03:05 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:18:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:18:51 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:18:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.04.12 11:02:13 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:18:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:19:13 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 11:02:41 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:25:21 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.04.12 11:02:47 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:21 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.04.12 11:02:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 11:02:37 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.04.12 11:02:47 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
< >
[2009.07.14 07:08:02 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:02 | 000,016,552 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.02.24 12:00:14 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.02.24 15:12:31 | 000,000,548 | ---- | C] () -- C:\Windows\Tasks\MATLAB R2011b Startup Accelerator.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:48 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:48 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:24:20 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:24:20 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:24:15 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:24:15 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:24:15 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010.11.21 05:24:43 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.21 05:24:57 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2010.01.27 00:29:28 | 000,028,797 | ---- | M] () MD5=4571E750E4A920D773511F50A2E62A20 -- C:\Program Files\MATLAB\R2011b\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:46 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:35 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:32 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:32 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.21 05:24:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:24:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:24:21 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:27 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:27 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:34 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:34 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:24:15 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:24:15 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:24:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:24:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 05:24:20 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:24:20 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:57 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:57 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 05:24:34 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:24:20 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:24:20 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:50 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:50 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:50 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:50 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:50 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:50 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:24:20 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:24:20 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.04.03 16:13:29 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\abgx360
[2013.02.26 10:02:58 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Adobe
[2013.02.24 17:46:26 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Apple Computer
[2013.04.02 21:37:35 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\ATI
[2013.03.05 22:43:05 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Canneverbe Limited
[2013.04.01 18:41:53 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\DAEMON Tools Lite
[2013.02.24 03:45:56 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Identities
[2013.02.24 03:51:35 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\InstallShield
[2013.02.24 12:04:04 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Macromedia
[2013.03.19 11:13:08 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\ManyCam
[2013.02.24 15:13:46 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\MathWorks
[2013.04.03 21:22:57 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Media Player Classic
[2013.04.02 19:26:19 | 000,000,000 | --SD | M] -- C:\Users\Arcane\AppData\Roaming\Microsoft
[2013.02.24 13:43:30 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\NetBeans
[2013.02.24 04:13:49 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Opera
[2013.03.05 10:02:23 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\PSpad
[2013.02.24 12:06:52 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\QIP
[2013.04.06 11:53:40 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Skype
[2013.02.24 14:21:17 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Subversion
[2013.03.17 15:29:15 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\TeamViewer
[2013.03.20 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\TS3Client
[2013.04.03 21:22:57 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\uTorrent
[2013.04.05 20:19:27 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\Winamp
[2013.02.24 04:01:00 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\WinRAR
[2013.04.01 19:01:11 | 000,000,000 | ---D | M] -- C:\Users\Arcane\AppData\Roaming\XnView
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.04.06 02:31:10 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.02.28 19:50:02 | 018,642,024 | R--- | M] (Skype Technologies S.A.)
"AdobeBridge" =
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe
"Infium" = "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun -- [2013.01.10 19:58:46 | 008,378,408 | ---- | M] (QIP)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.06 11:44:40 | 000,000,512 | ---- | M] () MD5=4DD3A7497339F90D1CAD620A693FBBA6 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2013.03.10 15:50:53 | 000,004,125 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\CrackedCom.class
< *keygen* /s >
< *loader* /s >
[2012.10.17 19:29:47 | 000,887,800 | ---- | M] () -- \Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpndownloader.exe
[2012.10.17 19:29:47 | 000,887,800 | ---- | M] () -- \Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpndownloader.exe
[2012.02.23 00:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.23 00:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.23 00:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.01.28 14:08:40 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2010.10.07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.05.22 09:43:16 | 000,214,528 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.exe
[2012.05.22 09:43:16 | 000,593,293 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.jar
[2012.05.22 09:43:16 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderBETA.exe
[2012.05.22 09:43:16 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderD3D.exe
[2012.05.22 09:43:16 | 000,219,264 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderPortable.exe
[2013.03.05 14:29:07 | 000,000,105 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2013.03.05 14:30:38 | 000,011,071 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2013.03.05 14:30:30 | 000,004,584 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2013.03.05 14:30:07 | 000,007,073 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\UploaderPl.class
[2012.05.22 09:43:16 | 000,032,222 | ---- | M] () -- \Program Files (x86)\JDownloader\licenses\jdownloader.license
[2013.02.12 10:35:34 | 000,160,480 | ---- | M] () -- \Program Files (x86)\ManyCam\Bin\effectsdownloader.exe
[2012.03.13 13:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 11:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2010.10.07 05:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.02.24 13:31:05 | 000,000,948 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013.02.24 13:31:06 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2013.02.24 13:31:08 | 001,170,520 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\modules\org-openide-loaders.jar
[2013.02.24 13:31:07 | 000,006,244 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2013.02.24 13:31:07 | 000,005,873 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013.02.24 13:31:09 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2011.07.08 16:53:48 | 000,000,816 | ---- | M] () -- \Program Files\MATLAB\R2011b\bin\registry\dotnetcli_loader.xml
[2011.08.14 00:39:38 | 000,008,704 | ---- | M] () -- \Program Files\MATLAB\R2011b\bin\win64\dotnetcli_loader.dll
[2009.09.21 07:46:08 | 000,015,003 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\AutoLoader.pm
[2005.09.12 14:21:36 | 000,000,727 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\ByteLoader.pm
[2010.01.26 23:16:30 | 000,027,274 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\DynaLoader.pm
[2008.10.25 15:58:38 | 000,017,776 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\SelfLoader.pm
[2010.01.26 23:16:30 | 000,010,882 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\XSLoader.pm
[2010.01.26 23:18:04 | 000,032,875 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.dll
[2008.06.07 08:04:56 | 000,001,378 | ---- | M] () -- \Program Files\MATLAB\R2011b\sys\perl\win32\lib\Locale\Maketext\GutsLoader.pm
[2008.10.08 13:14:06 | 000,000,257 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\local\classloader.txt
[2013.02.14 00:05:45 | 000,002,941 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013.02.14 00:05:45 | 000,000,411 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\config\Modules\org-openide-loaders.xml
[2013.02.24 13:31:31 | 001,403,031 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\org-openide-loaders.jar
[2013.02.24 13:31:26 | 000,007,123 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_ja.jar
[2013.02.24 13:31:25 | 000,006,548 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_pt_BR.jar
[2013.02.24 13:31:26 | 000,007,647 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_ru.jar
[2013.02.24 13:31:25 | 000,006,744 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013.02.24 13:32:52 | 000,000,799 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\update_tracking\org-openide-loaders.xml
[2012.06.09 20:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.03.05 14:28:12 | 000,001,949 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2013.03.05 14:28:12 | 000,001,928 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.03.05 14:28:12 | 000,002,005 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.01.23 11:31:10 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.01.23 11:31:10 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.01.23 11:31:10 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.03.05 14:28:12 | 000,001,949 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2013.03.05 14:28:12 | 000,001,928 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.03.05 14:28:12 | 000,002,005 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.01.23 11:31:10 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.01.23 11:31:10 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.01.23 11:31:10 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.03.05 14:26:00 | 000,000,914 | ---- | M] () -- \Users\Arcane\AppData\Local\Opera\Opera x64\icons\http%3A%2F%2Fjdownloader.org%2Flib%2Ftpl%2Farctic%2Fimages%2Ffavicon.png
[2013.02.25 20:02:26 | 000,011,558 | ---- | M] () -- \Users\Arcane\AppData\Local\Opera\Opera x64\widgets\youtube-downloader-2-1.7.2-1.oex
[2013.03.05 14:28:19 | 000,002,005 | ---- | M] () -- \Users\Arcane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2013.04.03 21:27:05 | 000,286,369 | ---- | M] () -- \Users\Arcane\AppData\Roaming\NetBeans\7.3\update\download\org-openide-loaders.nbm
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 11:03:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 11:03:05 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 11:03:05 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 11:03:05 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 11:03:05 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.02.24 04:21:08 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.02.24 04:21:08 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.02.24 04:21:08 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.02.24 04:21:08 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.02.24 04:21:08 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 11:01:55 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:17:59 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
[2005.05.27 10:14:24 | 000,000,716 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\timeseries\@tsexplorer\@node\constructNodePath.m
[2005.05.27 10:14:26 | 000,000,419 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\timeseries\@tsexplorer\@node\getParentNode.m
[2005.06.27 19:03:18 | 000,000,116 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\timeseries\@tsguis\@tshistnode\tshistnode.m
[2008.08.20 19:00:22 | 000,001,295 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\timeseries\@tsguis\@tsparentnode\tsparentnode.m
[2011.07.08 15:40:30 | 000,000,225 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\shared\rptgen\@rpt_xml\@document\createTextNode.p
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2013.01.24 20:09:36 | 000,434,264 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013.03.31 20:10:52 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 11:02:47 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.02.24 13:31:02 | 000,015,232 | ---- | M] () -- \Program Files\Java\jdk1.7.0_15\bin\serialver.exe
[2013.02.24 15:12:38 | 000,000,672 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\components\matlab_serial_resources_retail_common 4020370487462499627.xml
[2013.02.24 15:12:38 | 000,000,651 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\components\rs232_serial_retail_common 5886484713713814274.xml
[2013.02.24 15:12:38 | 000,000,513 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\components\rs232_serial_retail_win64 4422645862260718839.xml
[2013.02.24 15:12:39 | 000,001,583 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\files\matlab_serial_resources_retail_common_manifest.bin
[2013.02.24 15:12:39 | 000,002,140 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\files\rs232_serial_retail_common_manifest.bin
[2013.02.24 15:12:39 | 000,002,347 | ---- | M] () -- \Program Files\MATLAB\R2011b\appdata\files\rs232_serial_retail_win64_manifest.bin
[2011.07.08 15:03:04 | 000,278,016 | ---- | M] () -- \Program Files\MATLAB\R2011b\bin\win64\boost_serialization-vc90-mt-1_44.dll
[2011.07.08 15:03:04 | 000,181,760 | ---- | M] () -- \Program Files\MATLAB\R2011b\bin\win64\boost_wserialization-vc90-mt-1_44.dll
[2011.07.08 14:31:04 | 000,233,984 | ---- | M] () -- \Program Files\MATLAB\R2011b\bin\win64\rxtxSerial.dll
[2010.11.08 15:33:18 | 000,000,190 | ---- | M] () -- \Program Files\MATLAB\R2011b\resources\MATLAB\en\Serialize.xml
[2011.05.10 15:39:20 | 000,000,493 | ---- | M] () -- \Program Files\MATLAB\R2011b\resources\MATLAB\en\serial\serial.xml
[2011.05.10 15:39:20 | 000,000,426 | ---- | M] () -- \Program Files\MATLAB\R2011b\resources\MATLAB\en\serial\serialbreak.xml
[2011.07.08 13:39:38 | 000,000,405 | ---- | M] () -- \Program Files\MATLAB\R2011b\resources\MATLAB\ja_JP\Serialize.xml
[2005.06.21 15:29:20 | 000,000,429 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\graph2d\@graph2d\@functionline\postdeserialize.m
[2007.03.03 00:45:00 | 000,000,313 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\graphics\@graphics\@datacursormanager\clearDatatipSerialization.m
[2007.05.29 17:13:56 | 000,001,469 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\graphics\@graphics\@datacursormanager\deserializeDatatips.m
[2007.03.03 00:45:04 | 000,001,017 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\graphics\@graphics\@datacursormanager\serializeDatatips.m
[2004.04.10 19:27:36 | 000,000,107 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\graphics\@graphics\@datatip\postdeserialize.m
[2011.05.10 16:05:16 | 000,006,485 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\iofun\@serial\serial.m
[2011.05.10 16:05:16 | 000,001,836 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\iofun\@serial\serialbreak.m
[2004.12.29 13:00:58 | 000,001,613 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\iofun\@serial\ja\serial.m
[2004.12.29 13:00:58 | 000,001,182 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\iofun\@serial\ja\serialbreak.m
[2005.06.21 15:36:46 | 000,000,308 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@colorbar\postserialize.m
[2005.06.21 15:36:46 | 000,000,552 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@colorbar\preserialize.m
[2007.09.27 18:47:40 | 000,000,439 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@legend\postserialize.m
[2007.09.27 18:47:40 | 000,000,773 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@legend\preserialize.m
[2006.10.09 22:23:52 | 000,000,787 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeaxes\postdeserialize.m
[2006.12.20 03:17:56 | 000,000,651 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribegrid\postdeserialize.m
[2006.11.29 17:52:08 | 000,002,181 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject\postdeserialize.m
[2011.03.07 01:26:58 | 000,000,225 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject\postDeserializePins.m
[2006.10.09 22:24:14 | 000,000,280 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject\postserialize.m
[2006.10.09 22:24:16 | 000,000,281 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject\preserialize.m
[2006.10.09 22:24:26 | 000,000,336 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject1D\postDeserializePins.m
[2006.10.09 22:24:34 | 000,000,288 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeobject2D\postDeserializePins.m
[2006.12.20 03:17:56 | 000,000,559 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\@scribe\@scribeuaxes\postdeserialize.m
[2005.09.12 15:00:38 | 000,000,796 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\private\colorbarpostdeserialize.m
[2006.10.09 22:25:12 | 000,001,800 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\scribe\private\legendpostdeserialize.m
[2004.04.10 19:31:04 | 000,000,257 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@areaseries\postdeserialize.m
[2007.04.20 16:12:58 | 000,001,814 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@barseries\postdeserialize.m
[2007.03.03 00:45:28 | 000,000,267 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@barseries\postserialize.m
[2007.03.03 00:45:28 | 000,000,354 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@barseries\preserialize.m
[2004.04.10 19:31:16 | 000,000,147 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@contourgroup\postdeserialize.m
[2004.04.10 19:31:20 | 000,000,261 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@errorbarseries\postdeserialize.m
[2004.04.10 19:31:22 | 000,000,260 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@quivergroup\postdeserialize.m
[2004.04.10 19:31:24 | 000,000,147 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@scattergroup\postdeserialize.m
[2004.04.10 19:31:30 | 000,000,254 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@stairseries\postdeserialize.m
[2004.04.10 19:32:04 | 000,000,447 | ---- | M] () -- \Program Files\MATLAB\R2011b\toolbox\matlab\specgraph\@specgraph\@stemseries\postdeserialize.m
[2013.01.24 22:32:40 | 000,434,264 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013.03.31 20:11:30 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 11:02:47 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.02.24 15:00:57 | 000,013,312 | ---- | M] () -- \Users\Arcane\AppData\Local\Apps\2.0\V58KLMTP.MA7\CGJQC7TG.9B8\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Curse.CurseClient.Common.XmlSerializers.dll
[2013.02.24 15:01:11 | 000,001,079 | ---- | M] () -- \Users\Arcane\AppData\Local\Apps\2.0\V58KLMTP.MA7\CGJQC7TG.9B8\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\Curse.CurseClient.Common.XmlSerializers.manifest
[2013.02.24 15:00:57 | 000,013,312 | ---- | M] () -- \Users\Arcane\AppData\Local\Apps\2.0\V58KLMTP.MA7\CGJQC7TG.9B8\curs..zers_c85bb4cad3a5dfb5_0001.0000_none_311750f664a5eb21\Curse.CurseClient.Common.XmlSerializers.dll
[2013.03.16 14:33:38 | 000,000,581 | ---- | M] () -- \Users\Arcane\AppData\Local\Opera\Opera x64\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2011.04.12 11:02:41 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.24 21:52:27 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.02.24 14:07:41 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.24 14:48:22 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013.02.24 14:47:46 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.25 00:09:47 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.25 00:09:43 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013.02.25 01:33:00 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2013.02.24 19:19:28 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a3a3ccd41789ba4eb01f51db6c508222\System.Runtime.Serialization.ni.dll
[2013.02.24 19:19:38 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.24 21:51:50 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2013.02.24 11:56:52 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.02.24 12:26:06 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.02.24 11:56:51 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.02.24 12:26:06 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.24 12:26:09 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 11:02:42 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 11:02:40 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.04.12 11:02:37 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.04.12 11:02:37 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.04.12 11:02:40 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 11:02:42 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.04.12 11:02:47 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.04.12 11:02:43 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:25:21 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:25:21 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013.02.24 04:21:08 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.02.24 04:21:08 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.04.12 11:03:05 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.04.12 11:03:05 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:18:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:18:51 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:18:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.04.12 11:02:13 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:18:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:19:13 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 11:02:41 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:25:21 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.04.12 11:02:47 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:21 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.04.12 11:02:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 11:02:37 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.04.12 11:02:47 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
Re: Prosím o preventivku
Vidim na plose nejake mp4. Hlidejte si velikost plochy. Nemela by mit vic nez 200-300MB. Brzdi to pc. Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Znovu spustte OTL jako spravceDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
:services
AdobeARMservice
SkypeUpdate
AdobeFlashPlayerUpdateSvc
SwitchBoard
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O4 - HKU\S-1-5-21-2837777829-3629561418-1743151657-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
"AdobeAAMUpdater-1.0"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
"AdobeBridge"=-
"Infium"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SwitchBoard"=-
"AdobeCS6ServiceManager"=-
"StartCCC"=-
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivku
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Arcane
->Temp folder emptied: 9831291 bytes
->Temporary Internet Files folder emptied: 1090906 bytes
->Flash cache emptied: 1260 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 54992 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67911 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 11,00 mb
[EMPTYFLASH]
User: All Users
User: Arcane
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-2837777829-3629561418-1743151657-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2837777829-3629561418-1743151657-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-2837777829-3629561418-1743151657-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP586B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7D5F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP990A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCC34.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFD42.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3275.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4816.tmp\System.DirectoryServices.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4816.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5D6B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD124.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE0FB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE3E8.tmp folder deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 04062013_133811
Files\Folders moved on Reboot...
C:\Users\Arcane\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Arcane
->Temp folder emptied: 9831291 bytes
->Temporary Internet Files folder emptied: 1090906 bytes
->Flash cache emptied: 1260 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 54992 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67911 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 11,00 mb
[EMPTYFLASH]
User: All Users
User: Arcane
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-2837777829-3629561418-1743151657-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2837777829-3629561418-1743151657-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-2837777829-3629561418-1743151657-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP586B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7D5F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP990A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCC34.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFD42.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3275.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4816.tmp\System.DirectoryServices.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4816.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5D6B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD124.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE0FB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE3E8.tmp folder deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 04062013_133811
Files\Folders moved on Reboot...
C:\Users\Arcane\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Prosím o preventivku
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivku
# AdwCleaner v2.200 - Log vytvooen 06/04/2013 v 13:45:15
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Professional N Service Pack 1 (64 bits)
# Uživatel : Arcane - ARCANE-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Arcane\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16470
[OK] Registry jsou eisté.
*************************
AdwCleaner[R1].txt - [699 octets] - [06/04/2013 13:45:15]
########## EOF - C:\AdwCleaner[R1].txt - [758 octets] ##########
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Professional N Service Pack 1 (64 bits)
# Uživatel : Arcane - ARCANE-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Arcane\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16470
[OK] Registry jsou eisté.
*************************
AdwCleaner[R1].txt - [699 octets] - [06/04/2013 13:45:15]
########## EOF - C:\AdwCleaner[R1].txt - [758 octets] ##########
Re: Prosím o preventivku
Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.Tentokrat kliknete na Smazat
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.
Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivku
Tak tady je zatím první log. MBAM stále projíždí, asi to bude na dýl, tak ho sem pak hodím 
# AdwCleaner v2.200 - Log vytvooen 06/04/2013 v 13:50:08
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Professional N Service Pack 1 (64 bits)
# Uživatel : Arcane - ARCANE-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Arcane\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16470
[OK] Registry jsou eisté.
*************************
AdwCleaner[R1].txt - [824 octets] - [06/04/2013 13:45:15]
AdwCleaner[S1].txt - [756 octets] - [06/04/2013 13:50:08]
########## EOF - C:\AdwCleaner[S1].txt - [815 octets] ##########
# AdwCleaner v2.200 - Log vytvooen 06/04/2013 v 13:50:08
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Professional N Service Pack 1 (64 bits)
# Uživatel : Arcane - ARCANE-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Arcane\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16470
[OK] Registry jsou eisté.
*************************
AdwCleaner[R1].txt - [824 octets] - [06/04/2013 13:45:15]
AdwCleaner[S1].txt - [756 octets] - [06/04/2013 13:50:08]
########## EOF - C:\AdwCleaner[S1].txt - [815 octets] ##########
Re: Prosím o preventivku
Jasne 
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivku
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org
Verze: v2013.04.06.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Arcane :: ARCANE-PC [administrátor]
Ochrana: Povolena
6.4.2013 15:10:40
MBAM-log-2013-04-06 (16-29-21).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 458306
Uplynulý čas: 1 hodin, 18 minut, 29 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 1
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
(konec)
www.malwarebytes.org
Verze: v2013.04.06.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Arcane :: ARCANE-PC [administrátor]
Ochrana: Povolena
6.4.2013 15:10:40
MBAM-log-2013-04-06 (16-29-21).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 458306
Uplynulý čas: 1 hodin, 18 minut, 29 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 1
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
(konec)
Re: Prosím o preventivku
Zrejme crack, ze?
Nebudu komentovat. Nalez doporucuji odstranit, pak MBAM odinstalujte.
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.
Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat
Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.
Nebudu komentovat. Nalez doporucuji odstranit, pak MBAM odinstalujte.
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.
Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustteKliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat
Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
Defragmentujte disk(y)Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivku
Co se týče rychlosti reakcí PC tak lepší, děkuju moc Akorát stále mám problém s tím trháním se. Prostě občas sebou vše škupne, myš, hudba, filmy, video, hry, cokoliv je spuštěné. Všiml jsem si že se to stalo i při přihlašování do windows.
Akorát stále mám problém s tím trháním se. Prostě občas sebou vše škupne, myš, hudba, filmy, video, hry, cokoliv je spuštěné. Všiml jsem si že se to stalo i při přihlašování do windows.
Přispějete na provoz fóra?
