Logfile of random's system information tool 1.09 (written by random/random)
Run by Luko at 2013-04-16 19:43:02
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 24 GB (48%) free of 51 GB
Total RAM: 2984 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:43:35, on 16. 4. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\TV IR\TV IR.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Luko\Desktop\RSIT.exe
C:\Program Files\trend micro\Luko.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nexon.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [TVPro Control] C:\Program Files\TV IR\TV IR.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
--
End of file - 7426 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-07 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-08-02 51872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-07 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"AtherosBtStack"=C:\Program Files\Bluetooth Suite\BtvStack.exe [2011-08-02 827040]
"AthBtTray"=C:\Program Files\Bluetooth Suite\AthBtTray.exe [2011-08-02 693920]
"TVPro Control"=C:\Program Files\TV IR\TV IR.EXE [2010-04-22 692296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 146032]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 181360]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 190064]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun]
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2011-03-18 258048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-12-23 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-21 5716608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connection Manager]
C:\Program Files\O2\Connection Manager\emmsn.exe -dock []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files\Samsung\Kies\KiesHelper.exe /s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2011-08-16 1571432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-09-05 10992232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray]
C:\Program Files\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-09 984400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynAsusAcpi]
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2011-05-05 83240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-05-05 2262312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium]
C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush none none []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe]
C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe DEF EULA C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html DEF DEF DEF []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 3]
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2011-09-13 2317312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2011-12-23 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launcher.lnk]
C:\PROGRA~1\ALDITA~1\ALDITA~2.EXE []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TMMonitor.lnk - C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 330752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-04-11 00:22:52 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-04-11 00:22:51 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-04-11 00:22:48 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-04-11 00:22:48 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-04-11 00:22:45 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-04-11 00:22:39 ----A---- C:\Windows\system32\wksprtPS.dll
2013-04-11 00:22:39 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-04-11 00:22:39 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-11 00:22:39 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-04-11 00:22:39 ----A---- C:\Windows\system32\aaclient.dll
2013-04-11 00:22:38 ----A---- C:\Windows\system32\wksprt.exe
2013-04-11 00:22:38 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-04-11 00:22:38 ----A---- C:\Windows\system32\rdpudd.dll
2013-04-11 00:22:38 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-04-11 00:22:38 ----A---- C:\Windows\system32\rdpcorets.dll
2013-04-11 00:22:38 ----A---- C:\Windows\system32\mstsc.exe
2013-04-11 00:22:37 ----A---- C:\Windows\system32\mstscax.dll
2013-04-11 00:21:40 ----A---- C:\Windows\system32\jscript.dll
2013-04-11 00:21:39 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-11 00:21:39 ----A---- C:\Windows\system32\jscript9.dll
2013-04-11 00:21:39 ----A---- C:\Windows\system32\iesetup.dll
2013-04-11 00:21:38 ----A---- C:\Windows\system32\ieui.dll
2013-04-11 00:21:37 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-11 00:21:37 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-11 00:21:37 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-11 00:21:37 ----A---- C:\Windows\system32\iernonce.dll
2013-04-11 00:21:37 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-11 00:21:36 ----A---- C:\Windows\system32\urlmon.dll
2013-04-11 00:21:35 ----A---- C:\Windows\system32\iertutil.dll
2013-04-11 00:21:34 ----A---- C:\Windows\system32\wininet.dll
2013-04-11 00:21:31 ----A---- C:\Windows\system32\ieframe.dll
2013-04-11 00:21:29 ----A---- C:\Windows\system32\mshtml.dll
2013-04-11 00:18:20 ----A---- C:\Windows\system32\schannel.dll
2013-04-11 00:18:19 ----A---- C:\Windows\system32\lsasrv.dll
2013-04-11 00:18:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-04-11 00:18:19 ----A---- C:\Windows\system32\drivers\cng.sys
2013-04-11 00:18:15 ----A---- C:\Windows\system32\qdvd.dll
2013-04-10 22:52:40 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 22:52:39 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-10 22:52:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 22:52:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-04-10 22:52:35 ----A---- C:\Windows\system32\smss.exe
2013-04-10 22:52:35 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-10 22:52:25 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-04 17:32:50 ----D---- C:\Users\Luko\AppData\Roaming\vlc
2013-04-04 17:31:36 ----D---- C:\Program Files\VideoLAN
2013-03-26 18:36:43 ----D---- C:\Program Files\Common Files\Skype
2013-03-20 22:08:27 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-19 15:21:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-19 15:21:25 ----A---- C:\Windows\system32\elshyph.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\wextract.exe
2013-03-19 15:21:24 ----A---- C:\Windows\system32\webcheck.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\vbscript.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\url.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-19 15:21:24 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\occache.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\msrating.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\msls31.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\mshta.exe
2013-03-19 15:21:24 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-19 15:21:24 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\inseng.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\imgutil.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\iexpress.exe
2013-03-19 15:21:24 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-19 15:21:24 ----A---- C:\Windows\system32\iepeers.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\ieapfltr.dat
2013-03-19 15:21:24 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\icardie.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-19 15:21:24 ----A---- C:\Windows\system32\dxtmsft.dll
======List of files/folders modified in the last 1 month======
2013-04-16 19:43:28 ----D---- C:\Windows\Prefetch
2013-04-16 19:43:22 ----D---- C:\Windows\Temp
2013-04-16 19:43:19 ----D---- C:\Program Files\trend micro
2013-04-16 19:41:07 ----D---- C:\Windows\system32\config
2013-04-16 19:40:14 ----A---- C:\Windows\system32\log.txt
2013-04-16 19:38:26 ----D---- C:\Windows\system32\Tasks
2013-04-16 19:38:15 ----D---- C:\Temp
2013-04-16 19:38:07 ----A---- C:\Windows\system32\acovcnt.exe
2013-04-16 19:37:48 ----D---- C:\Windows
2013-04-16 19:35:41 ----RD---- C:\Program Files
2013-04-16 19:35:14 ----SHD---- C:\Windows\Installer
2013-04-16 19:35:14 ----SHD---- C:\Config.Msi
2013-04-16 19:35:14 ----RD---- C:\Program Files\Skype
2013-04-16 19:35:04 ----SHD---- C:\System Volume Information
2013-04-16 19:34:33 ----D---- C:\Program Files\Mv2Player
2013-04-16 19:32:31 ----D---- C:\Windows\system32\DriverStore
2013-04-16 19:32:31 ----D---- C:\Windows\system32\drivers
2013-04-16 19:32:31 ----D---- C:\Windows\system32\catroot
2013-04-16 19:32:31 ----D---- C:\Windows\System32
2013-04-16 19:32:31 ----D---- C:\Windows\inf
2013-04-16 19:31:37 ----D---- C:\Users\Luko\AppData\Roaming\Winamp
2013-04-16 19:31:33 ----D---- C:\Windows\Panther
2013-04-16 19:31:33 ----D---- C:\Windows\debug
2013-04-16 19:24:49 ----D---- C:\Users\Luko\AppData\Roaming\Skype
2013-04-15 14:34:17 ----D---- C:\Users\Luko\AppData\Roaming\Atheros
2013-04-13 16:40:11 ----D---- C:\Windows\rescache
2013-04-13 10:05:27 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-04-11 10:11:38 ----D---- C:\Windows\winsxs
2013-04-11 00:42:13 ----D---- C:\Windows\system32\wbem
2013-04-11 00:42:13 ----D---- C:\Windows\system32\sk-SK
2013-04-11 00:42:13 ----D---- C:\Windows\system32\en-US
2013-04-11 00:42:13 ----D---- C:\Windows\system32\drivers\en-US
2013-04-11 00:42:13 ----D---- C:\Windows\PolicyDefinitions
2013-04-11 00:42:09 ----D---- C:\Program Files\Internet Explorer
2013-04-11 00:24:33 ----D---- C:\Program Files\Intel
2013-04-11 00:23:04 ----D---- C:\Windows\system32\catroot2
2013-04-11 00:19:25 ----A---- C:\Windows\system32\MRT.exe
2013-04-08 09:43:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-03 18:09:41 ----D---- C:\Program Files\CCleaner
2013-03-30 15:26:57 ----D---- C:\Program Files\Counter-Strike 1.6 Standalone
2013-03-26 18:36:46 ----D---- C:\ProgramData\Skype
2013-03-26 18:36:43 ----D---- C:\Program Files\Common Files
2013-03-24 12:32:35 ----D---- C:\Windows\Logs
2013-03-19 20:16:19 ----D---- C:\Windows\system32\migration
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 60656]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 62376]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [2011-09-07 14464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [2009-07-02 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 66336]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-06-02 101352]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 317416]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-08-02 35488]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-08-31 2204672]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-08-02 290976]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-08-02 97440]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-08-02 25248]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-08-02 147616]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-08-02 60064]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-08-02 263968]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-08-02 436896]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-12-14 3759616]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-09-06 3663848]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2010-08-24 68208]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-05-05 1344560]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 AIDA32Driver;AIDA32Driver; \??\C:\Users\Luko\Downloads\AIDA32v3942zip\aida32.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-03-18 46680]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTCFilterService;USB Networking Driver Filter Service; C:\Windows\system32\DRIVERS\motfilt.sys [2009-01-29 6016]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver; \??\C:\Program Files\DU Meter\DUMETR32.SYS []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\E:\Luko\EVEREST Ultimate Edition 5.02.1847 Beta\kerneld.wnt [2009-09-05 27248]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\Windows\system32\DRIVERS\HPZid412.sys [2005-10-21 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\Windows\system32\DRIVERS\HPZipr12.sys [2005-10-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\Windows\system32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 motccgp;Motorola USB Composite Device Driver; C:\Windows\system32\DRIVERS\motccgp.sys [2011-04-04 20480]
S3 motccgpfl;MotCcgpFlService; C:\Windows\system32\DRIVERS\motccgpfl.sys [2009-01-29 8320]
S3 motmodem;Motorola USB CDC ACM Driver; C:\Windows\system32\DRIVERS\motmodem.sys [2011-03-31 24064]
S3 MotoSwitchService;MotoSwitch Service; C:\Windows\system32\DRIVERS\motswch.sys [2007-11-02 6400]
S3 Motousbnet;Motorola USB Networking Driver Service; C:\Windows\system32\DRIVERS\Motousbnet.sys [2010-04-01 23424]
S3 motusbdevice;Motorola USB Dev Driver; C:\Windows\system32\DRIVERS\motusbdevice.sys [2011-11-08 11008]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x86\Sandra.sys []
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 smsbda;DVB-T TV Stick; C:\Windows\system32\drivers\smsbda.sys [2009-12-03 52128]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-11-01 8192]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-11-01 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 131000]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\Common Files\InstantOn\InsOnSrv.exe [2011-09-08 92800]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [2011-08-02 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [2011-08-02 82592]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 MotoHelper;MotoHelper Service; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [2011-12-06 214896]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-23 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-13 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-23 136176]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-25 1343400]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
preventivka notebook
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: preventivka notebook
Zdravim 
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
luko
- Návštěvník
- Příspěvky: 151
- Registrován: 01 říj 2005 16:52
- Bydliště: Poprad
- Kontaktovat uživatele:
Re: preventivka notebook
OTL logfile created on: 16. 4. 2013 21:25:55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luko\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,91 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 47,28% Memory free
5,83 Gb Paging File | 4,00 Gb Available in Paging File | 68,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,00 Gb Total Space | 23,71 Gb Free Space | 47,42% Space Free | Partition Type: NTFS
Drive E: | 415,66 Gb Total Space | 107,98 Gb Free Space | 25,98% Space Free | Partition Type: NTFS
Computer Name: LUKO-PC | User Name: Luko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/04/16 20:59:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Luko\Desktop\OTL.exe
PRC - [2013/04/09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/03/07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/12/18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011/12/06 23:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/12/06 23:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/10/04 13:14:10 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2011/10/04 13:14:06 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
PRC - [2011/10/03 16:17:40 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011/09/29 18:06:24 | 001,547,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011/09/08 15:48:32 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
PRC - [2011/09/08 15:48:30 | 000,092,800 | ---- | M] (ASUS) -- C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
PRC - [2011/08/02 15:31:22 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/08/02 14:58:58 | 000,827,040 | ---- | M] (Atheros Communications) -- C:\Program Files\Bluetooth Suite\BtvStack.exe
PRC - [2011/08/02 14:55:24 | 000,693,920 | ---- | M] (Atheros Commnucations) -- C:\Program Files\Bluetooth Suite\AthBtTray.exe
PRC - [2011/08/02 14:54:52 | 000,082,592 | ---- | M] (Atheros Commnucations) -- C:\Program Files\Bluetooth Suite\AdminService.exe
PRC - [2011/07/21 16:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2011/05/31 16:07:02 | 000,917,632 | ---- | M] (ASUS) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/12/20 19:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 19:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/11/15 11:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010/04/22 02:40:00 | 000,692,296 | ---- | M] () -- C:\Program Files\TV IR\TV IR.exe
PRC - [2009/12/15 11:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/06/19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 18:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2007/04/20 15:55:58 | 000,258,048 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
========== Modules (No Company Name) ==========
MOD - [2013/04/09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 10:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/02/14 15:47:01 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/01/09 23:31:21 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/09 23:30:54 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/09 23:30:32 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/09 23:30:29 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/09 23:30:19 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/09 23:30:14 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/09 23:30:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/09 23:30:10 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/09 23:30:00 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011/12/06 23:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011/10/21 17:50:00 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2011/10/04 13:14:06 | 000,009,216 | ---- | M] () -- C:\Program Files\ASUS\Splendid\GLCDdll.dll
MOD - [2011/09/29 18:06:24 | 000,208,384 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\alvupdt.dll
MOD - [2011/08/17 16:37:40 | 000,204,800 | ---- | M] () -- C:\Program Files\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010/07/14 17:12:52 | 000,021,120 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll
MOD - [2010/06/17 09:09:14 | 000,167,936 | ---- | M] () -- C:\Program Files\TV IR\RmCard.dll
MOD - [2010/04/22 02:40:00 | 000,692,296 | ---- | M] () -- C:\Program Files\TV IR\TV IR.exe
MOD - [2009/07/14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/03/09 11:52:48 | 000,053,248 | ---- | M] () -- C:\Program Files\TV IR\tmir.dll
MOD - [2008/01/15 00:40:04 | 000,053,248 | ---- | M] () -- C:\Program Files\TV IR\lwext.dll
MOD - [2006/01/06 14:51:00 | 000,266,303 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\magengin.dll
MOD - [2005/08/05 16:24:00 | 000,028,672 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\uPiApi.dll
MOD - [2004/12/14 12:00:00 | 000,430,080 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\FPXLIB.DLL
MOD - [2004/12/01 17:21:22 | 000,180,224 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\kgl.dll
========== Services (SafeList) ==========
SRV - [2013/04/13 10:05:27 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 02:02:14 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/01/04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/12/25 11:20:38 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/12/06 23:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/09/08 15:48:30 | 000,092,800 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011/08/02 15:31:22 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/08/02 14:54:52 | 000,082,592 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/12/20 19:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 19:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/12/15 11:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x86\Sandra.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\DU Meter\DUMETR32.SYS -- (DUMeterDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Luko\Downloads\AIDA32v3942zip\aida32.sys -- (AIDA32Driver)
DRV - [2013/03/07 01:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/03/07 01:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/03/07 01:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/03/07 01:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/03/07 01:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/03/07 01:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/03/07 01:33:23 | 000,060,656 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/03/07 01:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/08/23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011/11/08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011/11/01 11:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/11/01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/11/01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/11/01 11:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/09/07 10:55:02 | 000,014,464 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys -- (ATKWMIACPIIO)
DRV - [2011/08/31 00:39:02 | 002,204,672 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2011/08/02 15:04:22 | 000,436,896 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btfilter.sys -- (BtFilter)
DRV - [2011/08/02 15:03:36 | 000,263,968 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV - [2011/08/02 15:03:20 | 000,060,064 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV - [2011/08/02 15:02:50 | 000,147,616 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV - [2011/08/02 15:02:34 | 000,035,488 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_flt.sys -- (AthBTPort)
DRV - [2011/08/02 15:02:18 | 000,025,248 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_bus.sys -- (BTATH_BUS)
DRV - [2011/08/02 15:02:04 | 000,097,440 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_avdt.sys -- (btath_avdt)
DRV - [2011/08/02 15:01:48 | 000,290,976 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV - [2011/06/02 11:32:50 | 000,317,416 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asmtxhci.sys -- (asmtxhci)
DRV - [2011/06/02 11:32:50 | 000,101,352 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asmthub3.sys -- (asmthub3)
DRV - [2011/04/04 15:55:38 | 000,020,480 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2011/03/31 15:53:24 | 000,024,064 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2011/03/18 07:36:18 | 000,046,680 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AmUStor.sys -- (AmUStor)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/19 17:33:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010/08/24 18:55:52 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/04/01 15:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2009/12/03 10:47:54 | 000,052,128 | ---- | M] (Siano) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smsbda.sys -- (smsbda)
DRV - [2009/09/05 19:27:12 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\Luko\EVEREST Ultimate Edition 5.02.1847 Beta\kerneld.wnt -- (EverestDriver)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/02 18:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2009/01/29 18:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009/01/29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/05/23 18:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/11/02 16:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nexon.com
IE - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 19 E0 96 89 35 CD 01 [binary data]
IE - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: avast! WebRep = C:\Users\Luko\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AthBtTray] C:\Program Files\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4 - HKLM..\Run: [AtherosBtStack] C:\Program Files\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [TVPro Control] C:\Program Files\TV IR\TV IR.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C669A37-B0EA-4ADE-B21F-4D7DC96A774A}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{882DE455-8680-4E7E-BA20-BD8E71501CE1}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{490ce1c3-ce72-11e1-a92b-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{490ce1c3-ce72-11e1-a92b-e4d53d80c310}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{490ce1f4-ce72-11e1-a92b-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{490ce1f4-ce72-11e1-a92b-e4d53d80c310}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{4c435e3a-4291-11e1-b1cc-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{4c435e3a-4291-11e1-b1cc-e4d53d80c310}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\{4daf2349-5190-11e2-8302-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{4daf2349-5190-11e2-8302-e4d53d80c310}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{679f9af2-cd01-11e1-a9f7-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{679f9af2-cd01-11e1-a9f7-e4d53d80c310}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{7754c3d7-c2ad-11e1-904e-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{7754c3d7-c2ad-11e1-904e-e4d53d80c310}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{77b27a27-3613-11e2-b80c-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{77b27a27-3613-11e2-b80c-e4d53d80c310}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{8032556b-0a28-11e2-b63e-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{8032556b-0a28-11e2-b63e-e4d53d80c310}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{8032557f-0a28-11e2-b63e-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{8032557f-0a28-11e2-b63e-e4d53d80c310}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{8e77d30f-cdce-11e1-adfb-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{8e77d30f-cdce-11e1-adfb-e4d53d80c310}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9defe6c7-4299-11e1-9661-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{9defe6c7-4299-11e1-9661-e4d53d80c310}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c1a7ee37-d309-11e1-9047-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{c1a7ee37-d309-11e1-9047-e4d53d80c310}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fc3189e9-d3e2-11e1-b838-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{fc3189e9-d3e2-11e1-b838-e4d53d80c310}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{fc3189fb-d3e2-11e1-b838-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{fc3189fb-d3e2-11e1-b838-e4d53d80c310}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{fc318a07-d3e2-11e1-b838-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{fc318a07-d3e2-11e1-b838-e4d53d80c310}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\.\Setup.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013/04/16 20:59:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Luko\Desktop\OTL.exe
[2013/04/16 14:37:11 | 000,000,000 | ---D | C] -- C:\Users\Luko\Desktop\LaP BYT
[2013/04/11 00:22:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013/04/11 00:22:51 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2013/04/11 00:22:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013/04/11 00:22:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2013/04/11 00:22:45 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2013/04/11 00:22:39 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013/04/11 00:22:39 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2013/04/11 00:22:39 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013/04/11 00:22:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2013/04/11 00:22:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2013/04/11 00:22:38 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2013/04/11 00:22:38 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2013/04/11 00:22:38 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2013/04/11 00:22:38 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2013/04/11 00:22:38 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2013/04/11 00:21:41 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/04/11 00:21:39 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/04/11 00:21:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/04/11 00:21:39 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/04/11 00:21:38 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/04/11 00:21:37 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/04/11 00:21:37 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/04/11 00:21:37 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/04/11 00:21:37 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/04/11 00:21:37 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/04/11 00:18:15 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013/04/10 22:52:40 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/04/10 22:52:36 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/04/10 22:52:36 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/04/10 22:52:35 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013/04/04 17:32:50 | 000,000,000 | ---D | C] -- C:\Users\Luko\AppData\Roaming\vlc
[2013/04/04 17:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/04/04 17:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013/03/31 22:02:48 | 000,000,000 | ---D | C] -- C:\Users\Luko\Desktop\042013
[2013/03/26 18:36:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/03/20 22:08:27 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013/03/19 15:21:25 | 000,745,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013/03/19 15:21:25 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013/03/19 15:21:24 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/03/19 15:21:24 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/03/19 15:21:24 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013/03/19 15:21:24 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/03/19 15:21:24 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/03/19 15:21:24 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/03/19 15:21:24 | 000,242,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/03/19 15:21:24 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/03/19 15:21:24 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/03/19 15:21:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/03/19 15:21:24 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/03/19 15:21:24 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/03/19 15:21:24 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/03/19 15:21:24 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/03/19 15:21:24 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/03/19 15:21:24 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/03/19 15:21:24 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/03/19 15:21:24 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/03/19 15:21:24 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/03/19 15:21:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/03/19 15:21:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/03/19 15:21:24 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/03/19 15:21:24 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/03/19 15:21:24 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
========== Files - Modified Within 30 Days ==========
[2013/04/16 21:28:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/04/16 21:22:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/16 20:59:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Luko\Desktop\OTL.exe
[2013/04/16 20:45:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/16 20:22:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/16 19:45:16 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/16 19:45:16 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/16 19:38:07 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2013/04/16 19:37:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/16 19:37:35 | 2346,811,392 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/16 14:34:46 | 000,000,000 | ---- | M] () -- C:\END
[2013/04/13 10:05:27 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/04/13 10:05:27 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/04/11 10:10:54 | 000,410,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/04/08 09:43:41 | 000,630,558 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/08 09:43:41 | 000,111,218 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/04 17:31:56 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/04/03 18:09:42 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/19 15:21:25 | 000,745,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013/03/19 15:21:25 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013/03/19 15:21:24 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/03/19 15:21:24 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/03/19 15:21:24 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013/03/19 15:21:24 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/03/19 15:21:24 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/03/19 15:21:24 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/03/19 15:21:24 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/03/19 15:21:24 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/03/19 15:21:24 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/03/19 15:21:24 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/03/19 15:21:24 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/03/19 15:21:24 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/03/19 15:21:24 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/03/19 15:21:24 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/03/19 15:21:24 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/03/19 15:21:24 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/03/19 15:21:24 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/03/19 15:21:24 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/03/19 15:21:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/03/19 15:21:24 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/03/19 15:21:24 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/03/19 15:21:24 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/03/19 15:21:24 | 000,025,185 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013/03/19 15:21:24 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/03/19 15:21:24 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/03/19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/03/19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/03/19 06:48:45 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
========== Files Created - No Company Name ==========
[2013/04/16 21:03:39 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/04/04 17:31:56 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/03/19 15:21:24 | 000,025,185 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013/03/05 15:39:19 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/05 15:39:17 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012/12/14 02:02:20 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2012/12/14 02:02:20 | 000,064,512 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012/12/14 02:02:20 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012/12/14 02:02:20 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012/12/14 02:02:16 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2012/09/16 23:01:09 | 000,000,017 | ---- | C] () -- C:\Users\Luko\AppData\Local\resmon.resmoncfg
[2012/09/16 13:52:05 | 000,687,643 | ---- | C] () -- C:\Windows\Counter-Strike 1.6 Standalone Uninstaller.exe
[2012/03/11 20:55:21 | 000,000,063 | ---- | C] () -- C:\Users\Luko\AppData\Local\SRDownloader.err
[2012/03/11 12:33:57 | 000,001,216 | ---- | C] () -- C:\Users\Luko\AppData\Local\SRDownloader.nast
[2011/12/26 17:09:54 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/12/26 17:08:05 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/12/23 19:26:43 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011/12/23 17:20:45 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2011/12/23 16:58:41 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2011/10/21 18:23:12 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2011/10/21 18:23:10 | 000,217,536 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2011/10/21 18:23:06 | 000,963,116 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2011/10/21 17:50:00 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2011/08/02 14:38:46 | 000,246,804 | ---- | C] () -- C:\Windows\System32\drivers\AtherosBt.bin
========== ZeroAccess Check ==========
[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012/10/27 15:40:08 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\BSplayer
[2011/12/23 18:41:36 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\BSplayer Pro
[2012/12/29 21:57:13 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\DAEMON Tools Lite
[2012/01/20 16:16:18 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Motorola
[2012/02/18 18:15:21 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Nokia
[2011/12/29 14:58:30 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\OpenCandy
[2012/02/18 18:16:38 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\PC Suite
[2012/12/09 14:29:29 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Samsung
[2013/02/19 23:19:28 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Sony
[2013/02/18 19:58:42 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Sony Setup
[2012/06/30 16:31:25 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Telefónica
[2012/07/22 18:56:20 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Vodafone
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009/07/14 06:53:46 | 000,032,530 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011/12/23 18:21:05 | 000,000,916 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/12/23 18:21:06 | 000,000,920 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/04/07 14:16:46 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: AGP440.SYS >
[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E --
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luko\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,91 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 47,28% Memory free
5,83 Gb Paging File | 4,00 Gb Available in Paging File | 68,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,00 Gb Total Space | 23,71 Gb Free Space | 47,42% Space Free | Partition Type: NTFS
Drive E: | 415,66 Gb Total Space | 107,98 Gb Free Space | 25,98% Space Free | Partition Type: NTFS
Computer Name: LUKO-PC | User Name: Luko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/04/16 20:59:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Luko\Desktop\OTL.exe
PRC - [2013/04/09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/03/07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/12/18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011/12/06 23:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/12/06 23:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/10/04 13:14:10 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2011/10/04 13:14:06 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
PRC - [2011/10/03 16:17:40 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011/09/29 18:06:24 | 001,547,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011/09/08 15:48:32 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
PRC - [2011/09/08 15:48:30 | 000,092,800 | ---- | M] (ASUS) -- C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
PRC - [2011/08/02 15:31:22 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/08/02 14:58:58 | 000,827,040 | ---- | M] (Atheros Communications) -- C:\Program Files\Bluetooth Suite\BtvStack.exe
PRC - [2011/08/02 14:55:24 | 000,693,920 | ---- | M] (Atheros Commnucations) -- C:\Program Files\Bluetooth Suite\AthBtTray.exe
PRC - [2011/08/02 14:54:52 | 000,082,592 | ---- | M] (Atheros Commnucations) -- C:\Program Files\Bluetooth Suite\AdminService.exe
PRC - [2011/07/21 16:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2011/05/31 16:07:02 | 000,917,632 | ---- | M] (ASUS) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/12/20 19:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 19:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/11/15 11:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010/04/22 02:40:00 | 000,692,296 | ---- | M] () -- C:\Program Files\TV IR\TV IR.exe
PRC - [2009/12/15 11:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/06/19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 18:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2007/04/20 15:55:58 | 000,258,048 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
========== Modules (No Company Name) ==========
MOD - [2013/04/09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 10:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/02/14 15:47:01 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/01/09 23:31:21 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/09 23:30:54 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/09 23:30:32 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/09 23:30:29 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/09 23:30:19 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/09 23:30:14 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/09 23:30:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/09 23:30:10 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/09 23:30:00 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011/12/06 23:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011/10/21 17:50:00 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2011/10/04 13:14:06 | 000,009,216 | ---- | M] () -- C:\Program Files\ASUS\Splendid\GLCDdll.dll
MOD - [2011/09/29 18:06:24 | 000,208,384 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\alvupdt.dll
MOD - [2011/08/17 16:37:40 | 000,204,800 | ---- | M] () -- C:\Program Files\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010/07/14 17:12:52 | 000,021,120 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll
MOD - [2010/06/17 09:09:14 | 000,167,936 | ---- | M] () -- C:\Program Files\TV IR\RmCard.dll
MOD - [2010/04/22 02:40:00 | 000,692,296 | ---- | M] () -- C:\Program Files\TV IR\TV IR.exe
MOD - [2009/07/14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/03/09 11:52:48 | 000,053,248 | ---- | M] () -- C:\Program Files\TV IR\tmir.dll
MOD - [2008/01/15 00:40:04 | 000,053,248 | ---- | M] () -- C:\Program Files\TV IR\lwext.dll
MOD - [2006/01/06 14:51:00 | 000,266,303 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\magengin.dll
MOD - [2005/08/05 16:24:00 | 000,028,672 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\uPiApi.dll
MOD - [2004/12/14 12:00:00 | 000,430,080 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\FPXLIB.DLL
MOD - [2004/12/01 17:21:22 | 000,180,224 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia 3\kgl.dll
========== Services (SafeList) ==========
SRV - [2013/04/13 10:05:27 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 02:02:14 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/01/04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/12/25 11:20:38 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/12/06 23:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/09/08 15:48:30 | 000,092,800 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011/08/02 15:31:22 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/08/02 14:54:52 | 000,082,592 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/12/20 19:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 19:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/12/15 11:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x86\Sandra.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\DU Meter\DUMETR32.SYS -- (DUMeterDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Luko\Downloads\AIDA32v3942zip\aida32.sys -- (AIDA32Driver)
DRV - [2013/03/07 01:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/03/07 01:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/03/07 01:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/03/07 01:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/03/07 01:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/03/07 01:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/03/07 01:33:23 | 000,060,656 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/03/07 01:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/08/23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011/11/08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011/11/01 11:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/11/01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/11/01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/11/01 11:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/09/07 10:55:02 | 000,014,464 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys -- (ATKWMIACPIIO)
DRV - [2011/08/31 00:39:02 | 002,204,672 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2011/08/02 15:04:22 | 000,436,896 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btfilter.sys -- (BtFilter)
DRV - [2011/08/02 15:03:36 | 000,263,968 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV - [2011/08/02 15:03:20 | 000,060,064 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV - [2011/08/02 15:02:50 | 000,147,616 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV - [2011/08/02 15:02:34 | 000,035,488 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_flt.sys -- (AthBTPort)
DRV - [2011/08/02 15:02:18 | 000,025,248 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_bus.sys -- (BTATH_BUS)
DRV - [2011/08/02 15:02:04 | 000,097,440 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_avdt.sys -- (btath_avdt)
DRV - [2011/08/02 15:01:48 | 000,290,976 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV - [2011/06/02 11:32:50 | 000,317,416 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asmtxhci.sys -- (asmtxhci)
DRV - [2011/06/02 11:32:50 | 000,101,352 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asmthub3.sys -- (asmthub3)
DRV - [2011/04/04 15:55:38 | 000,020,480 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2011/03/31 15:53:24 | 000,024,064 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2011/03/18 07:36:18 | 000,046,680 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AmUStor.sys -- (AmUStor)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/19 17:33:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010/08/24 18:55:52 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/04/01 15:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2009/12/03 10:47:54 | 000,052,128 | ---- | M] (Siano) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smsbda.sys -- (smsbda)
DRV - [2009/09/05 19:27:12 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\Luko\EVEREST Ultimate Edition 5.02.1847 Beta\kerneld.wnt -- (EverestDriver)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/02 18:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2009/01/29 18:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009/01/29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/05/23 18:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/11/02 16:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nexon.com
IE - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 19 E0 96 89 35 CD 01 [binary data]
IE - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: avast! WebRep = C:\Users\Luko\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AthBtTray] C:\Program Files\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4 - HKLM..\Run: [AtherosBtStack] C:\Program Files\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [TVPro Control] C:\Program Files\TV IR\TV IR.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2143290961-700608080-3216521473-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C669A37-B0EA-4ADE-B21F-4D7DC96A774A}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{882DE455-8680-4E7E-BA20-BD8E71501CE1}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{490ce1c3-ce72-11e1-a92b-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{490ce1c3-ce72-11e1-a92b-e4d53d80c310}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{490ce1f4-ce72-11e1-a92b-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{490ce1f4-ce72-11e1-a92b-e4d53d80c310}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{4c435e3a-4291-11e1-b1cc-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{4c435e3a-4291-11e1-b1cc-e4d53d80c310}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\{4daf2349-5190-11e2-8302-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{4daf2349-5190-11e2-8302-e4d53d80c310}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{679f9af2-cd01-11e1-a9f7-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{679f9af2-cd01-11e1-a9f7-e4d53d80c310}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{7754c3d7-c2ad-11e1-904e-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{7754c3d7-c2ad-11e1-904e-e4d53d80c310}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{77b27a27-3613-11e2-b80c-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{77b27a27-3613-11e2-b80c-e4d53d80c310}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{8032556b-0a28-11e2-b63e-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{8032556b-0a28-11e2-b63e-e4d53d80c310}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{8032557f-0a28-11e2-b63e-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{8032557f-0a28-11e2-b63e-e4d53d80c310}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{8e77d30f-cdce-11e1-adfb-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{8e77d30f-cdce-11e1-adfb-e4d53d80c310}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9defe6c7-4299-11e1-9661-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{9defe6c7-4299-11e1-9661-e4d53d80c310}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c1a7ee37-d309-11e1-9047-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{c1a7ee37-d309-11e1-9047-e4d53d80c310}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fc3189e9-d3e2-11e1-b838-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{fc3189e9-d3e2-11e1-b838-e4d53d80c310}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{fc3189fb-d3e2-11e1-b838-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{fc3189fb-d3e2-11e1-b838-e4d53d80c310}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{fc318a07-d3e2-11e1-b838-e4d53d80c310}\Shell - "" = AutoRun
O33 - MountPoints2\{fc318a07-d3e2-11e1-b838-e4d53d80c310}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\.\Setup.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013/04/16 20:59:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Luko\Desktop\OTL.exe
[2013/04/16 14:37:11 | 000,000,000 | ---D | C] -- C:\Users\Luko\Desktop\LaP BYT
[2013/04/11 00:22:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013/04/11 00:22:51 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2013/04/11 00:22:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013/04/11 00:22:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2013/04/11 00:22:45 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2013/04/11 00:22:39 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013/04/11 00:22:39 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2013/04/11 00:22:39 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013/04/11 00:22:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2013/04/11 00:22:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2013/04/11 00:22:38 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2013/04/11 00:22:38 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2013/04/11 00:22:38 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2013/04/11 00:22:38 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2013/04/11 00:22:38 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2013/04/11 00:21:41 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/04/11 00:21:39 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/04/11 00:21:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/04/11 00:21:39 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/04/11 00:21:38 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/04/11 00:21:37 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/04/11 00:21:37 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/04/11 00:21:37 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/04/11 00:21:37 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/04/11 00:21:37 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/04/11 00:18:15 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013/04/10 22:52:40 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/04/10 22:52:36 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/04/10 22:52:36 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/04/10 22:52:35 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013/04/04 17:32:50 | 000,000,000 | ---D | C] -- C:\Users\Luko\AppData\Roaming\vlc
[2013/04/04 17:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/04/04 17:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013/03/31 22:02:48 | 000,000,000 | ---D | C] -- C:\Users\Luko\Desktop\042013
[2013/03/26 18:36:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/03/20 22:08:27 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013/03/19 15:21:25 | 000,745,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013/03/19 15:21:25 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013/03/19 15:21:24 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/03/19 15:21:24 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/03/19 15:21:24 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013/03/19 15:21:24 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/03/19 15:21:24 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/03/19 15:21:24 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/03/19 15:21:24 | 000,242,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/03/19 15:21:24 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/03/19 15:21:24 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/03/19 15:21:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/03/19 15:21:24 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/03/19 15:21:24 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/03/19 15:21:24 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/03/19 15:21:24 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/03/19 15:21:24 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/03/19 15:21:24 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/03/19 15:21:24 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/03/19 15:21:24 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/03/19 15:21:24 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/03/19 15:21:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/03/19 15:21:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/03/19 15:21:24 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/03/19 15:21:24 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/03/19 15:21:24 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
========== Files - Modified Within 30 Days ==========
[2013/04/16 21:28:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/04/16 21:22:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/16 20:59:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Luko\Desktop\OTL.exe
[2013/04/16 20:45:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/16 20:22:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/16 19:45:16 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/16 19:45:16 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/16 19:38:07 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2013/04/16 19:37:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/16 19:37:35 | 2346,811,392 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/16 14:34:46 | 000,000,000 | ---- | M] () -- C:\END
[2013/04/13 10:05:27 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/04/13 10:05:27 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/04/11 10:10:54 | 000,410,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/04/08 09:43:41 | 000,630,558 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/08 09:43:41 | 000,111,218 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/04 17:31:56 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/04/03 18:09:42 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/19 15:21:25 | 000,745,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013/03/19 15:21:25 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013/03/19 15:21:24 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/03/19 15:21:24 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/03/19 15:21:24 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013/03/19 15:21:24 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/03/19 15:21:24 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/03/19 15:21:24 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/03/19 15:21:24 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/03/19 15:21:24 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/03/19 15:21:24 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/03/19 15:21:24 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/03/19 15:21:24 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/03/19 15:21:24 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/03/19 15:21:24 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/03/19 15:21:24 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/03/19 15:21:24 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/03/19 15:21:24 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/03/19 15:21:24 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/03/19 15:21:24 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/03/19 15:21:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/03/19 15:21:24 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/03/19 15:21:24 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/03/19 15:21:24 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/03/19 15:21:24 | 000,025,185 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013/03/19 15:21:24 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/03/19 15:21:24 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/03/19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/03/19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/03/19 06:48:45 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
========== Files Created - No Company Name ==========
[2013/04/16 21:03:39 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/04/04 17:31:56 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/03/19 15:21:24 | 000,025,185 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013/03/05 15:39:19 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/05 15:39:17 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012/12/14 02:02:20 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2012/12/14 02:02:20 | 000,064,512 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012/12/14 02:02:20 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012/12/14 02:02:20 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012/12/14 02:02:16 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2012/09/16 23:01:09 | 000,000,017 | ---- | C] () -- C:\Users\Luko\AppData\Local\resmon.resmoncfg
[2012/09/16 13:52:05 | 000,687,643 | ---- | C] () -- C:\Windows\Counter-Strike 1.6 Standalone Uninstaller.exe
[2012/03/11 20:55:21 | 000,000,063 | ---- | C] () -- C:\Users\Luko\AppData\Local\SRDownloader.err
[2012/03/11 12:33:57 | 000,001,216 | ---- | C] () -- C:\Users\Luko\AppData\Local\SRDownloader.nast
[2011/12/26 17:09:54 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/12/26 17:08:05 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/12/23 19:26:43 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011/12/23 17:20:45 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2011/12/23 16:58:41 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2011/10/21 18:23:12 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2011/10/21 18:23:10 | 000,217,536 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2011/10/21 18:23:06 | 000,963,116 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2011/10/21 17:50:00 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2011/08/02 14:38:46 | 000,246,804 | ---- | C] () -- C:\Windows\System32\drivers\AtherosBt.bin
========== ZeroAccess Check ==========
[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012/10/27 15:40:08 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\BSplayer
[2011/12/23 18:41:36 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\BSplayer Pro
[2012/12/29 21:57:13 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\DAEMON Tools Lite
[2012/01/20 16:16:18 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Motorola
[2012/02/18 18:15:21 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Nokia
[2011/12/29 14:58:30 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\OpenCandy
[2012/02/18 18:16:38 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\PC Suite
[2012/12/09 14:29:29 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Samsung
[2013/02/19 23:19:28 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Sony
[2013/02/18 19:58:42 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Sony Setup
[2012/06/30 16:31:25 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Telefónica
[2012/07/22 18:56:20 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Vodafone
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009/07/14 06:53:46 | 000,032,530 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011/12/23 18:21:05 | 000,000,916 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/12/23 18:21:06 | 000,000,920 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/04/07 14:16:46 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: AGP440.SYS >
[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E --
-
luko
- Návštěvník
- Příspěvky: 151
- Registrován: 01 říj 2005 16:52
- Bydliště: Poprad
- Kontaktovat uživatele:
Re: preventivka notebook
C:\Windows\System32\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012/06/02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012/04/24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012/04/24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\System32\cryptsvc.dll
[2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/06/02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012/06/02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012/04/24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: IASTORV.SYS >
[2011/03/11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011/03/11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010/11/20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011/03/11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009/07/14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009/07/14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009/07/14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009/07/14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys
< MD5 for: LSASS.EXE >
[2011/11/17 09:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2012/08/24 18:53:44 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=7ABC23F3D86880AD62ACEDC7479608F8 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_a889f15ed46779fd\lsass.exe
[2011/11/17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011/11/17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011/11/17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2011/11/17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_a82d8b59bb293454\lsass.exe
[2012/06/02 06:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011/11/17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011/11/17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012/06/02 06:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011/11/17 07:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe
< MD5 for: NDIS.SYS >
[2012/08/22 19:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys
[2009/07/14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2012/08/22 19:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\System32\drivers\ndis.sys
[2012/08/22 19:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys
[2010/11/20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVRAID.SYS >
[2009/07/14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010/11/20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011/03/11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011/03/11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011/03/11 07:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011/03/11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011/03/11 07:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011/03/11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SMSS.EXE >
[2013/03/19 04:43:41 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=0294CC751D7FAEB13621EEFB8A749429 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_ae7bdfb790cddbcf\smss.exe
[2009/07/14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2013/03/19 04:51:05 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=37F4765554F2CD34AAAB616F696E5539 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_ac8ab2c593af8bd4\smss.exe
[2013/03/19 04:50:03 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=B24BF638652522BB5E14AB7993FD4A5D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_ac19b4ca7a7f0306\smss.exe
[2013/03/19 04:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\System32\smss.exe
[2013/03/19 04:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_ae40f33e7774c473\smss.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/09/29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012/08/22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013/01/03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013/01/04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012/03/30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011/09/29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013/01/03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\System32\drivers\tcpip.sys
[2013/01/03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012/08/22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013/01/04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2012/10/03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012/10/03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012/03/30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\hposcu08.inf_x86_neutral_6b02d39ff7213a85\drivers\scanner\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\hposcu08.inf_x86_neutral_6b02d39ff7213a85\drivers\scanner\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011/12/23 19:27:33 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Adobe
[2012/09/23 21:13:28 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\ArcSoft
[2013/04/15 14:34:17 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Atheros
[2012/10/27 15:40:08 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\BSplayer
[2011/12/23 18:41:36 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\BSplayer Pro
[2012/12/29 21:57:13 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\DAEMON Tools Lite
[2012/08/07 16:10:28 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Hewlett-Packard
[2011/12/23 16:50:54 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Identities
[2011/12/23 16:58:29 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\InstallShield
[2011/12/23 17:31:08 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Macromedia
[2012/01/09 22:06:24 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Malwarebytes
[2009/07/14 09:50:20 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Media Center Programs
[2012/09/16 14:28:23 | 000,000,000 | --SD | M] -- C:\Users\Luko\AppData\Roaming\Microsoft
[2012/01/20 16:16:18 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Motorola
[2012/02/18 18:15:21 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Nokia
[2011/12/29 14:58:30 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\OpenCandy
[2012/02/18 18:16:38 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\PC Suite
[2012/12/09 14:29:29 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Samsung
[2013/04/16 21:31:24 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Skype
[2013/02/19 23:19:28 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Sony
[2013/02/18 19:58:42 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Sony Setup
[2012/06/30 16:31:25 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Telefónica
[2012/05/04 19:56:48 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\U3
[2013/04/14 21:51:23 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\vlc
[2012/07/22 18:56:20 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Vodafone
[2013/04/16 19:31:37 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Winamp
[2011/12/23 22:04:12 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2009/08/11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009/08/11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010/03/22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012/10/11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010/08/14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010/08/14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010/08/14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010/09/30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2011/12/29 14:58:32 | 000,197,640 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\OpenCandy\858F7C15B1AF47128FAD0313C1EBC7E4\SymantecRegMech_p1v1.exe
[2013/02/18 19:59:44 | 034,452,784 | ---- | M] (Apple Inc.) -- C:\Users\Luko\AppData\Roaming\Sony Setup\A189E68E-2253-4C3B-86B7-D77E36F13C55\QuickTimeInstaller.exe
[2007/10/23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\U3\temp\cleanup.exe
[2007/10/23 09:22:56 | 003,350,528 | -H-- | M] (SanDisk Corporation) -- C:\Users\Luko\AppData\Roaming\U3\temp\Launchpad Removal.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2013/03/19 15:21:24 | 000,117,248 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll
[2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2013/03/19 15:21:24 | 000,117,248 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll
[2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013/04/16 19:45:16 | 000,014,416 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/16 19:45:16 | 000,014,416 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/16 19:38:07 | 000,045,056 | ---- | M] () -- C:\Windows\system32\acovcnt.exe
[2013/04/16 19:40:14 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/04/16 21:28:29 | 000,000,512 | ---- | M] () MD5=E782BAE276A417B1ECA9E95DC334B3F1 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2006/10/26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/03/19 23:13:33 | 000,169,384 | ---- | M] () -- \Program Files\Counter-Strike 1.6 Standalone\cstrike\models\qloader.mdl
[2011/03/19 23:09:50 | 000,352,548 | ---- | M] () -- \Program Files\Counter-Strike 1.6 Standalone\valve\models\loader.mdl
[2011/03/19 23:09:55 | 000,012,764 | ---- | M] () -- \Program Files\Counter-Strike 1.6 Standalone\valve\sound\ambience\loader_hydra1.wav
[2011/03/19 23:09:55 | 000,012,164 | ---- | M] () -- \Program Files\Counter-Strike 1.6 Standalone\valve\sound\ambience\loader_step1.wav
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012/03/11 20:55:21 | 000,000,063 | ---- | M] () -- \Users\Luko\AppData\Local\SRDownloader.err
[2012/03/11 21:01:29 | 000,001,216 | ---- | M] () -- \Users\Luko\AppData\Local\SRDownloader.nast
[2012/10/27 17:34:39 | 000,000,276 | ---- | M] () -- \Users\Luko\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\GMXJRUV8\fileframe.sector.sk\files\onlinehry\2012-10\TruckLoader4.swf\truckloader4.sol
[2013/04/16 19:46:49 | 000,000,753 | ---- | M] () -- \Users\Luko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GVY0A9T3\AdLoader[1].htm
[2013/04/16 19:46:49 | 000,105,903 | ---- | M] () -- \Users\Luko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2HI5REH\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012/07/14 18:16:17 | 000,002,608 | ---- | M] () -- \Users\Luko\AppData\Local\Temp\res_Medion\1popup_loader.gif
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 09:42:17 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 09:42:17 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 09:42:17 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2012/01/07 18:26:20 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012/01/07 18:26:20 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012/01/07 18:26:20 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 09:41:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/01/09 23:31:39 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013/01/09 23:30:40 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/09 22:19:06 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\518daa915c6d232fa5a3349972cc5199\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/09 22:18:58 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8834e734c13d53e65982db2a00563ce7\System.Runtime.Serialization.ni.dll
[2013/01/09 22:22:11 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\2252e5d4dad3601caba4860ae876954b\System.Xml.Serialization.ni.dll
[2011/04/06 17:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Xml.Serialization.dll.x86
[2013/02/14 10:36:13 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/02/14 10:36:09 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/02/14 10:36:24 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/01 13:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009/07/14 09:42:06 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009/07/14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009/07/14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009/07/14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009/07/14 09:42:02 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009/07/14 09:42:18 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/11/20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009/07/14 09:41:44 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 19:12:04 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 19:12:20 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2009/07/14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010/11/20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009/07/14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009/07/14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010/11/20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010/11/05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009/06/10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010/11/05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009/07/14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009/07/14 09:42:02 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/07/14 09:42:06 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009/07/14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009/07/14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009/06/10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010/11/05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012/06/02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012/04/24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012/04/24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\System32\cryptsvc.dll
[2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/06/02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012/06/02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012/04/24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: IASTORV.SYS >
[2011/03/11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011/03/11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010/11/20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011/03/11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009/07/14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009/07/14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009/07/14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009/07/14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys
< MD5 for: LSASS.EXE >
[2011/11/17 09:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2012/08/24 18:53:44 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=7ABC23F3D86880AD62ACEDC7479608F8 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_a889f15ed46779fd\lsass.exe
[2011/11/17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011/11/17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011/11/17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2011/11/17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_a82d8b59bb293454\lsass.exe
[2012/06/02 06:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011/11/17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011/11/17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012/06/02 06:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011/11/17 07:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe
< MD5 for: NDIS.SYS >
[2012/08/22 19:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys
[2009/07/14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2012/08/22 19:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\System32\drivers\ndis.sys
[2012/08/22 19:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys
[2010/11/20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVRAID.SYS >
[2009/07/14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010/11/20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011/03/11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011/03/11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011/03/11 07:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011/03/11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011/03/11 07:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011/03/11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SMSS.EXE >
[2013/03/19 04:43:41 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=0294CC751D7FAEB13621EEFB8A749429 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_ae7bdfb790cddbcf\smss.exe
[2009/07/14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2013/03/19 04:51:05 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=37F4765554F2CD34AAAB616F696E5539 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_ac8ab2c593af8bd4\smss.exe
[2013/03/19 04:50:03 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=B24BF638652522BB5E14AB7993FD4A5D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_ac19b4ca7a7f0306\smss.exe
[2013/03/19 04:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\System32\smss.exe
[2013/03/19 04:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_ae40f33e7774c473\smss.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/09/29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012/08/22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013/01/03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013/01/04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012/03/30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011/09/29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013/01/03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\System32\drivers\tcpip.sys
[2013/01/03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012/08/22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013/01/04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2012/10/03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012/10/03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012/03/30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\hposcu08.inf_x86_neutral_6b02d39ff7213a85\drivers\scanner\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\hposcu08.inf_x86_neutral_6b02d39ff7213a85\drivers\scanner\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011/12/23 19:27:33 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Adobe
[2012/09/23 21:13:28 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\ArcSoft
[2013/04/15 14:34:17 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Atheros
[2012/10/27 15:40:08 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\BSplayer
[2011/12/23 18:41:36 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\BSplayer Pro
[2012/12/29 21:57:13 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\DAEMON Tools Lite
[2012/08/07 16:10:28 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Hewlett-Packard
[2011/12/23 16:50:54 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Identities
[2011/12/23 16:58:29 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\InstallShield
[2011/12/23 17:31:08 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Macromedia
[2012/01/09 22:06:24 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Malwarebytes
[2009/07/14 09:50:20 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Media Center Programs
[2012/09/16 14:28:23 | 000,000,000 | --SD | M] -- C:\Users\Luko\AppData\Roaming\Microsoft
[2012/01/20 16:16:18 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Motorola
[2012/02/18 18:15:21 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Nokia
[2011/12/29 14:58:30 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\OpenCandy
[2012/02/18 18:16:38 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\PC Suite
[2012/12/09 14:29:29 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Samsung
[2013/04/16 21:31:24 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Skype
[2013/02/19 23:19:28 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Sony
[2013/02/18 19:58:42 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Sony Setup
[2012/06/30 16:31:25 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Telefónica
[2012/05/04 19:56:48 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\U3
[2013/04/14 21:51:23 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\vlc
[2012/07/22 18:56:20 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Vodafone
[2013/04/16 19:31:37 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\Winamp
[2011/12/23 22:04:12 | 000,000,000 | ---D | M] -- C:\Users\Luko\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2009/08/11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009/08/11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010/03/22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012/10/11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010/08/14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010/08/14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010/08/14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010/09/30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2011/12/29 14:58:32 | 000,197,640 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\OpenCandy\858F7C15B1AF47128FAD0313C1EBC7E4\SymantecRegMech_p1v1.exe
[2013/02/18 19:59:44 | 034,452,784 | ---- | M] (Apple Inc.) -- C:\Users\Luko\AppData\Roaming\Sony Setup\A189E68E-2253-4C3B-86B7-D77E36F13C55\QuickTimeInstaller.exe
[2007/10/23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Luko\AppData\Roaming\U3\temp\cleanup.exe
[2007/10/23 09:22:56 | 003,350,528 | -H-- | M] (SanDisk Corporation) -- C:\Users\Luko\AppData\Roaming\U3\temp\Launchpad Removal.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2013/03/19 15:21:24 | 000,117,248 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll
[2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2013/03/19 15:21:24 | 000,117,248 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll
[2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013/04/16 19:45:16 | 000,014,416 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/16 19:45:16 | 000,014,416 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/16 19:38:07 | 000,045,056 | ---- | M] () -- C:\Windows\system32\acovcnt.exe
[2013/04/16 19:40:14 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/04/16 21:28:29 | 000,000,512 | ---- | M] () MD5=E782BAE276A417B1ECA9E95DC334B3F1 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2006/10/26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/03/19 23:13:33 | 000,169,384 | ---- | M] () -- \Program Files\Counter-Strike 1.6 Standalone\cstrike\models\qloader.mdl
[2011/03/19 23:09:50 | 000,352,548 | ---- | M] () -- \Program Files\Counter-Strike 1.6 Standalone\valve\models\loader.mdl
[2011/03/19 23:09:55 | 000,012,764 | ---- | M] () -- \Program Files\Counter-Strike 1.6 Standalone\valve\sound\ambience\loader_hydra1.wav
[2011/03/19 23:09:55 | 000,012,164 | ---- | M] () -- \Program Files\Counter-Strike 1.6 Standalone\valve\sound\ambience\loader_step1.wav
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012/03/11 20:55:21 | 000,000,063 | ---- | M] () -- \Users\Luko\AppData\Local\SRDownloader.err
[2012/03/11 21:01:29 | 000,001,216 | ---- | M] () -- \Users\Luko\AppData\Local\SRDownloader.nast
[2012/10/27 17:34:39 | 000,000,276 | ---- | M] () -- \Users\Luko\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\GMXJRUV8\fileframe.sector.sk\files\onlinehry\2012-10\TruckLoader4.swf\truckloader4.sol
[2013/04/16 19:46:49 | 000,000,753 | ---- | M] () -- \Users\Luko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GVY0A9T3\AdLoader[1].htm
[2013/04/16 19:46:49 | 000,105,903 | ---- | M] () -- \Users\Luko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2HI5REH\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012/07/14 18:16:17 | 000,002,608 | ---- | M] () -- \Users\Luko\AppData\Local\Temp\res_Medion\1popup_loader.gif
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 09:42:17 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 09:42:17 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 09:42:17 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2012/01/07 18:26:20 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012/01/07 18:26:20 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012/01/07 18:26:20 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 09:41:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/01/09 23:31:39 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013/01/09 23:30:40 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/09 22:19:06 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\518daa915c6d232fa5a3349972cc5199\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/09 22:18:58 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8834e734c13d53e65982db2a00563ce7\System.Runtime.Serialization.ni.dll
[2013/01/09 22:22:11 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\2252e5d4dad3601caba4860ae876954b\System.Xml.Serialization.ni.dll
[2011/04/06 17:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Xml.Serialization.dll.x86
[2013/02/14 10:36:13 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/02/14 10:36:09 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/02/14 10:36:24 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/01 13:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009/07/14 09:42:06 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009/07/14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009/07/14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009/07/14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009/07/14 09:42:02 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009/07/14 09:42:18 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/11/20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009/07/14 09:41:44 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 19:12:04 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 19:12:20 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2009/07/14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010/11/20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009/07/14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009/07/14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010/11/20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010/11/05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009/06/10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010/11/05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009/07/14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009/07/14 09:42:02 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/07/14 09:42:06 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009/07/14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009/07/14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009/06/10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010/11/05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
-
luko
- Návštěvník
- Příspěvky: 151
- Registrován: 01 říj 2005 16:52
- Bydliště: Poprad
- Kontaktovat uživatele:
Re: preventivka notebook
OTL Extras logfile created on: 16. 4. 2013 21:25:55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luko\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,91 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 47,28% Memory free
5,83 Gb Paging File | 4,00 Gb Available in Paging File | 68,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,00 Gb Total Space | 23,71 Gb Free Space | 47,42% Space Free | Partition Type: NTFS
Drive E: | 415,66 Gb Total Space | 107,98 Gb Free Space | 25,98% Space Free | Partition Type: NTFS
Computer Name: LUKO-PC | User Name: Luko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.js [@ = JSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2143290961-700608080-3216521473-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C1C36CA-D5FC-43A5-9BD9-2F5BACB06DD8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0DF56F3C-1253-4592-A749-659F8202ADDE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2188EF9C-A13C-4E15-A332-96D09F20FB8A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{27EF9004-8B77-46DE-AB71-4FA86F144D92}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{2EC9B96C-4DD1-4CF4-AB95-4BEE113CE09B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{33F8F84F-E12C-4040-B2D1-84E355EEC312}" = rport=139 | protocol=6 | dir=out | app=system |
"{3C3A7E01-525B-4820-80AB-B5E522FC9609}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3CE19054-43B6-4589-A2EC-1428699F2F99}" = lport=138 | protocol=17 | dir=in | app=system |
"{43EA0548-4465-475F-A274-9C9457C32C2D}" = rport=445 | protocol=6 | dir=out | app=system |
"{4932999A-FCAD-4DBF-B29B-3DA107B796DD}" = rport=137 | protocol=17 | dir=out | app=system |
"{49CA46E2-1E08-441E-8361-57388E4637E0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{62B52553-C783-4482-A3C8-B3B2A5C7CC2A}" = lport=139 | protocol=6 | dir=in | app=system |
"{63A55E85-A226-4190-B187-3BDD08DBEB33}" = lport=2869 | protocol=6 | dir=in | app=system |
"{78461465-CB02-4B45-BEF4-D96096FA2673}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8A45AACA-BCDD-4D51-A6E0-B34585EFC375}" = lport=137 | protocol=17 | dir=in | app=system |
"{98EE6B51-D0E8-429E-8D28-D3A291A5AF8F}" = lport=445 | protocol=6 | dir=in | app=system |
"{9C07239B-16A8-4D80-9891-3582B6B8CB8E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9E7F1AAD-3F0B-49F8-9DD8-48C32789819C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9FAEB99B-2F25-425D-BBB4-F2F3C08705AB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A13C8A8A-3745-4D67-B0EE-B0CA71136380}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ACE05F44-F880-4F61-BA8F-91C81D46F86E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DC0B980C-9FA7-469E-AF64-2CE1ECAC9147}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DC1FF076-BF86-4A3D-ADEF-5E4EB72D006E}" = rport=138 | protocol=17 | dir=out | app=system |
"{FA87A312-4DFC-44E1-8477-69D95697A34E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D92E241-04E0-4031-BD24-1D079A061B56}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{10B94C21-23F8-42AC-9B89-85BEFEAC1932}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{157A5843-E2B0-4F93-B517-1C26F5AFE972}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{187381CB-63AA-458F-B911-50008F67DF4D}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{31519147-2993-461B-9917-8A5B438F10F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{44011674-5957-41CA-934E-E719D00019D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5376F026-4DFF-4F5D-B0EE-2C6F01FA8831}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{575EBB1B-1FFD-4E8C-B012-8A013480460D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E0B554F-54D1-4DC5-A08E-9C3252B4C8C2}" = protocol=6 | dir=in | app=c:\programdata\nexon\common\nmservice.exe |
"{66256950-DB1D-43AE-926C-C011350A89F3}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{85804E0E-73A0-4E49-8EF2-E4614AAC0863}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8B33D445-C764-46D6-ADFA-198DB4BD80F8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8EF5B4F6-9EF5-4D6F-AB65-92685B0E58E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9EE4852C-85C2-484F-956F-9F3EBDFFFD5A}" = protocol=6 | dir=out | app=system |
"{A273DFCC-3F94-4BD0-994D-C19E049DF2FA}" = protocol=17 | dir=in | app=c:\program files\arcsoft\totalmedia 3\totalmedia.exe |
"{A8320BFC-806E-47E4-9C5C-3302C3CF6ED5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AD2FF50C-01D5-486D-B47A-90A1EA848D7C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B0AE982D-84FE-46D5-A953-F0F450159FEF}" = protocol=17 | dir=in | app=c:\programdata\nexon\common\nmservice.exe |
"{BFB1A6FB-F428-444A-8C43-35BA4C6A8B37}" = protocol=17 | dir=in | app=c:\programdata\nexon\ngm\ngm.exe |
"{D5AF7459-74C4-4EB4-A6C8-B43D953F4A86}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D9CEBF06-D45D-4D94-8612-6EC43EDE2120}" = protocol=6 | dir=in | app=c:\programdata\nexon\ngm\ngm.exe |
"{E66386F4-1CBF-406C-87CC-0BC81085204C}" = protocol=6 | dir=in | app=c:\program files\arcsoft\totalmedia 3\totalmedia.exe |
"{E944BEC7-4271-44F8-8E75-9FEB11DB7F2F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EA618C0D-DCE8-44EE-A3FD-8F5FBD3062FC}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{EF8051A3-1393-4D77-BEC9-493FD9BED68C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4F28004-1851-490E-9520-E773D07758A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{14AE056E-B2BE-428F-8076-47D4E8A97B95}C:\program files\counter-strike 1.6 standalone\launcher.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6 standalone\launcher.exe |
"TCP Query User{3BCF6D80-D4EA-4C9B-A01A-B5E0A96B57D9}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{4E678F55-72F9-41F1-9700-5F79B713EA63}C:\program files\counter-strike 1.6 standalone\launcher.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6 standalone\launcher.exe |
"UDP Query User{2C61CFC9-A597-4DBB-803A-11CEC170E1A3}C:\program files\counter-strike 1.6 standalone\launcher.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6 standalone\launcher.exe |
"UDP Query User{9570AB35-25B5-439A-ADE6-2F2B60E46DD6}C:\program files\counter-strike 1.6 standalone\launcher.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6 standalone\launcher.exe |
"UDP Query User{ED28FEBE-5651-4464-AB45-067228E4541F}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{101A497C-7EF6-4001-834D-E5FA1C70FEFA}" = Bluetooth Win7 Suite
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{268CF0B8-CA38-4E20-9E99-514A07F7C1F1}" = ArcSoft TotalMedia 3
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C12B6BF-3891-497B-B5CA-3D64DA093947}" = Motorola Mobile Drivers Installation 5.4.0
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{830F8E5B-C8BE-4981-9209-1BD1C9CC262D}" = Driver 32bit
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C1FD1627-2EAF-48CB-A333-42D39BCB096D}" = TV IR
"{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED74696E-1781-469B-94F4-124A68B5F11C}" = ASUS Power4Gear Hybrid
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"ASUS_Screensaver" = ASUS_Screensaver
"avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Counter-Strike 1.6 Standalone" = Counter-Strike 1.6 Standalone
"Google Chrome" = Google Chrome
"InstallShield_{830F8E5B-C8BE-4981-9209-1BD1C9CC262D}" = Driver 32bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MotoHelper" = MotoHelper 2.1.32 Driver 5.4.0
"Mp3 Knife_is1" = Mp3 Knife 3.2
"PROPLUS" = Microsoft Office Professional Plus 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.5
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16. 4. 2013 13:38:26 | Computer Name = Luko-PC | Source = ESENT | ID = 455
Description = Windows (3344) Windows: Error -1811 occurred while opening logfile
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0000E.log.
Error - 16. 4. 2013 13:38:26 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 9000
Description =
Error - 16. 4. 2013 13:38:27 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 7040
Description =
Error - 16. 4. 2013 13:38:27 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 7042
Description =
Error - 16. 4. 2013 13:38:27 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 9002
Description =
Error - 16. 4. 2013 13:38:27 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 16. 4. 2013 13:38:28 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 16. 4. 2013 13:38:28 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 16. 4. 2013 13:38:28 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 16. 4. 2013 13:38:28 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 7010
Description =
[ System Events ]
Error - 16. 4. 2013 13:38:47 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový
limit (30000 ms).
Error - 16. 4. 2013 13:38:47 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
%%1053
Error - 16. 4. 2013 13:38:47 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový
limit (30000 ms).
Error - 16. 4. 2013 13:38:47 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
%%1053
Error - 16. 4. 2013 13:38:56 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový
limit (30000 ms).
Error - 16. 4. 2013 13:38:56 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
%%1053
Error - 16. 4. 2013 13:38:56 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový
limit (30000 ms).
Error - 16. 4. 2013 13:38:56 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
%%1053
Error - 16. 4. 2013 13:38:58 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový
limit (30000 ms).
Error - 16. 4. 2013 13:38:58 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
%%1053
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luko\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,91 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 47,28% Memory free
5,83 Gb Paging File | 4,00 Gb Available in Paging File | 68,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,00 Gb Total Space | 23,71 Gb Free Space | 47,42% Space Free | Partition Type: NTFS
Drive E: | 415,66 Gb Total Space | 107,98 Gb Free Space | 25,98% Space Free | Partition Type: NTFS
Computer Name: LUKO-PC | User Name: Luko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.js [@ = JSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2143290961-700608080-3216521473-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C1C36CA-D5FC-43A5-9BD9-2F5BACB06DD8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0DF56F3C-1253-4592-A749-659F8202ADDE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2188EF9C-A13C-4E15-A332-96D09F20FB8A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{27EF9004-8B77-46DE-AB71-4FA86F144D92}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{2EC9B96C-4DD1-4CF4-AB95-4BEE113CE09B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{33F8F84F-E12C-4040-B2D1-84E355EEC312}" = rport=139 | protocol=6 | dir=out | app=system |
"{3C3A7E01-525B-4820-80AB-B5E522FC9609}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3CE19054-43B6-4589-A2EC-1428699F2F99}" = lport=138 | protocol=17 | dir=in | app=system |
"{43EA0548-4465-475F-A274-9C9457C32C2D}" = rport=445 | protocol=6 | dir=out | app=system |
"{4932999A-FCAD-4DBF-B29B-3DA107B796DD}" = rport=137 | protocol=17 | dir=out | app=system |
"{49CA46E2-1E08-441E-8361-57388E4637E0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{62B52553-C783-4482-A3C8-B3B2A5C7CC2A}" = lport=139 | protocol=6 | dir=in | app=system |
"{63A55E85-A226-4190-B187-3BDD08DBEB33}" = lport=2869 | protocol=6 | dir=in | app=system |
"{78461465-CB02-4B45-BEF4-D96096FA2673}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8A45AACA-BCDD-4D51-A6E0-B34585EFC375}" = lport=137 | protocol=17 | dir=in | app=system |
"{98EE6B51-D0E8-429E-8D28-D3A291A5AF8F}" = lport=445 | protocol=6 | dir=in | app=system |
"{9C07239B-16A8-4D80-9891-3582B6B8CB8E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9E7F1AAD-3F0B-49F8-9DD8-48C32789819C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9FAEB99B-2F25-425D-BBB4-F2F3C08705AB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A13C8A8A-3745-4D67-B0EE-B0CA71136380}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ACE05F44-F880-4F61-BA8F-91C81D46F86E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DC0B980C-9FA7-469E-AF64-2CE1ECAC9147}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DC1FF076-BF86-4A3D-ADEF-5E4EB72D006E}" = rport=138 | protocol=17 | dir=out | app=system |
"{FA87A312-4DFC-44E1-8477-69D95697A34E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D92E241-04E0-4031-BD24-1D079A061B56}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{10B94C21-23F8-42AC-9B89-85BEFEAC1932}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{157A5843-E2B0-4F93-B517-1C26F5AFE972}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{187381CB-63AA-458F-B911-50008F67DF4D}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{31519147-2993-461B-9917-8A5B438F10F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{44011674-5957-41CA-934E-E719D00019D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5376F026-4DFF-4F5D-B0EE-2C6F01FA8831}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{575EBB1B-1FFD-4E8C-B012-8A013480460D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E0B554F-54D1-4DC5-A08E-9C3252B4C8C2}" = protocol=6 | dir=in | app=c:\programdata\nexon\common\nmservice.exe |
"{66256950-DB1D-43AE-926C-C011350A89F3}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{85804E0E-73A0-4E49-8EF2-E4614AAC0863}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8B33D445-C764-46D6-ADFA-198DB4BD80F8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8EF5B4F6-9EF5-4D6F-AB65-92685B0E58E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9EE4852C-85C2-484F-956F-9F3EBDFFFD5A}" = protocol=6 | dir=out | app=system |
"{A273DFCC-3F94-4BD0-994D-C19E049DF2FA}" = protocol=17 | dir=in | app=c:\program files\arcsoft\totalmedia 3\totalmedia.exe |
"{A8320BFC-806E-47E4-9C5C-3302C3CF6ED5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AD2FF50C-01D5-486D-B47A-90A1EA848D7C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B0AE982D-84FE-46D5-A953-F0F450159FEF}" = protocol=17 | dir=in | app=c:\programdata\nexon\common\nmservice.exe |
"{BFB1A6FB-F428-444A-8C43-35BA4C6A8B37}" = protocol=17 | dir=in | app=c:\programdata\nexon\ngm\ngm.exe |
"{D5AF7459-74C4-4EB4-A6C8-B43D953F4A86}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D9CEBF06-D45D-4D94-8612-6EC43EDE2120}" = protocol=6 | dir=in | app=c:\programdata\nexon\ngm\ngm.exe |
"{E66386F4-1CBF-406C-87CC-0BC81085204C}" = protocol=6 | dir=in | app=c:\program files\arcsoft\totalmedia 3\totalmedia.exe |
"{E944BEC7-4271-44F8-8E75-9FEB11DB7F2F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EA618C0D-DCE8-44EE-A3FD-8F5FBD3062FC}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{EF8051A3-1393-4D77-BEC9-493FD9BED68C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4F28004-1851-490E-9520-E773D07758A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{14AE056E-B2BE-428F-8076-47D4E8A97B95}C:\program files\counter-strike 1.6 standalone\launcher.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6 standalone\launcher.exe |
"TCP Query User{3BCF6D80-D4EA-4C9B-A01A-B5E0A96B57D9}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{4E678F55-72F9-41F1-9700-5F79B713EA63}C:\program files\counter-strike 1.6 standalone\launcher.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6 standalone\launcher.exe |
"UDP Query User{2C61CFC9-A597-4DBB-803A-11CEC170E1A3}C:\program files\counter-strike 1.6 standalone\launcher.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6 standalone\launcher.exe |
"UDP Query User{9570AB35-25B5-439A-ADE6-2F2B60E46DD6}C:\program files\counter-strike 1.6 standalone\launcher.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6 standalone\launcher.exe |
"UDP Query User{ED28FEBE-5651-4464-AB45-067228E4541F}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{101A497C-7EF6-4001-834D-E5FA1C70FEFA}" = Bluetooth Win7 Suite
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{268CF0B8-CA38-4E20-9E99-514A07F7C1F1}" = ArcSoft TotalMedia 3
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C12B6BF-3891-497B-B5CA-3D64DA093947}" = Motorola Mobile Drivers Installation 5.4.0
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{830F8E5B-C8BE-4981-9209-1BD1C9CC262D}" = Driver 32bit
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C1FD1627-2EAF-48CB-A333-42D39BCB096D}" = TV IR
"{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED74696E-1781-469B-94F4-124A68B5F11C}" = ASUS Power4Gear Hybrid
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"ASUS_Screensaver" = ASUS_Screensaver
"avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Counter-Strike 1.6 Standalone" = Counter-Strike 1.6 Standalone
"Google Chrome" = Google Chrome
"InstallShield_{830F8E5B-C8BE-4981-9209-1BD1C9CC262D}" = Driver 32bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MotoHelper" = MotoHelper 2.1.32 Driver 5.4.0
"Mp3 Knife_is1" = Mp3 Knife 3.2
"PROPLUS" = Microsoft Office Professional Plus 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.5
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16. 4. 2013 13:38:26 | Computer Name = Luko-PC | Source = ESENT | ID = 455
Description = Windows (3344) Windows: Error -1811 occurred while opening logfile
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0000E.log.
Error - 16. 4. 2013 13:38:26 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 9000
Description =
Error - 16. 4. 2013 13:38:27 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 7040
Description =
Error - 16. 4. 2013 13:38:27 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 7042
Description =
Error - 16. 4. 2013 13:38:27 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 9002
Description =
Error - 16. 4. 2013 13:38:27 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 16. 4. 2013 13:38:28 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 16. 4. 2013 13:38:28 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 16. 4. 2013 13:38:28 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 16. 4. 2013 13:38:28 | Computer Name = Luko-PC | Source = Windows Search Service | ID = 7010
Description =
[ System Events ]
Error - 16. 4. 2013 13:38:47 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový
limit (30000 ms).
Error - 16. 4. 2013 13:38:47 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
%%1053
Error - 16. 4. 2013 13:38:47 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový
limit (30000 ms).
Error - 16. 4. 2013 13:38:47 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
%%1053
Error - 16. 4. 2013 13:38:56 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový
limit (30000 ms).
Error - 16. 4. 2013 13:38:56 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
%%1053
Error - 16. 4. 2013 13:38:56 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový
limit (30000 ms).
Error - 16. 4. 2013 13:38:56 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
%%1053
Error - 16. 4. 2013 13:38:58 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový
limit (30000 ms).
Error - 16. 4. 2013 13:38:58 | Computer Name = Luko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
%%1053
< End of report >
Re: preventivka notebook
Jedna mala technicka. Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze 
Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
luko
- Návštěvník
- Příspěvky: 151
- Registrován: 01 říj 2005 16:52
- Bydliště: Poprad
- Kontaktovat uživatele:
Re: preventivka notebook
tento notebok pouziva moj otec v praci teraz je na par dni doma tak som chcel aby ste sa na neho pozreli.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verzia databázy: v2013.04.17.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16540
Luko :: LUKO-PC [administrátor]
17. 4. 2013 14:51:52
mbam-log-2013-04-17 (14-51-52).txt
Typ kontroly: Úplná kontrola (C:\|E:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 307554
Uplynutý čas: 1 hod, 3 min, 32 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 0
(Škodlivé položky neboli zistené)
(koniec)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verzia databázy: v2013.04.17.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16540
Luko :: LUKO-PC [administrátor]
17. 4. 2013 14:51:52
mbam-log-2013-04-17 (14-51-52).txt
Typ kontroly: Úplná kontrola (C:\|E:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 307554
Uplynutý čas: 1 hod, 3 min, 32 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 0
(Škodlivé položky neboli zistené)
(koniec)
Re: preventivka notebook
MBAM odinstalujte.
Pokud je to ale pracovni/firemni pc, pravidla fora neumoznujou pokracovani
Pokud je to ale pracovni/firemni pc, pravidla fora neumoznujou pokracovani
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
luko
- Návštěvník
- Příspěvky: 151
- Registrován: 01 říj 2005 16:52
- Bydliště: Poprad
- Kontaktovat uživatele:
Re: preventivka notebook
ono je to jeho osobny pc ale ma tam svoje pracovne veci.windows mu instalovali v praci tak snad je v pohode.
ale ked to nejde nic sa nedeje aj tak dakujem za vas cas.
ale ked to nejde nic sa nedeje aj tak dakujem za vas cas.
Re: preventivka notebook
A ma je poradne zazalohovane, kdyby se nahodou neco zvrtlo?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
luko
- Návštěvník
- Příspěvky: 151
- Registrován: 01 říj 2005 16:52
- Bydliště: Poprad
- Kontaktovat uživatele:
Re: preventivka notebook
tak nema nic zazalohovane...ale skusim nieco dat na usb
Re: preventivka notebook
Tak na vasi zodpovednost...
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.
Je s tim pocitacem nejaky problem, nebo jde ciste o preventivku?
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.
Je s tim pocitacem nejaky problem, nebo jde ciste o preventivku?Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
luko
- Návštěvník
- Příspěvky: 151
- Registrován: 01 říj 2005 16:52
- Bydliště: Poprad
- Kontaktovat uživatele:
Re: preventivka notebook
je to iba preventivka...
# AdwCleaner v2.200 - Log vytvorený 18/04/2013 o 22:56:35
# Aktualizované 02/04/2013 Xplode
# Operaený systém : Windows 7 Ultimate Service Pack 1 (32 bits)
# Uživateľ : Luko - LUKO-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Luko\Desktop\adwcleaner.exe
# Voľba [Prehľada?]
***** [Služby] *****
***** [Súbory / Adresáre] *****
Adresár Nájdené : C:\ProgramData\InstallMate
Adresár Nájdené : C:\Users\Luko\AppData\Roaming\OpenCandy
Súbor Nájdené : C:\END
***** [Registre] *****
Kľúe Nájdené : HKCU\Software\AppDataLow\Software\SmartBar
Kľúe Nájdené : HKCU\Software\Conduit
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Kľúe Nájdené : HKLM\Software\Conduit
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Kľúe Nájdené : HKLM\SOFTWARE\Software
***** [Internetové prehliadaee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registre sú eisté.
-\\ Google Chrome v26.0.1410.64
Súbor : C:\Users\Luko\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Súbor je eistý.
*************************
AdwCleaner[R1].txt - [1561 octets] - [18/04/2013 22:56:35]
########## EOF - C:\AdwCleaner[R1].txt - [1621 octets] ##########
# AdwCleaner v2.200 - Log vytvorený 18/04/2013 o 22:56:35
# Aktualizované 02/04/2013 Xplode
# Operaený systém : Windows 7 Ultimate Service Pack 1 (32 bits)
# Uživateľ : Luko - LUKO-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Luko\Desktop\adwcleaner.exe
# Voľba [Prehľada?]
***** [Služby] *****
***** [Súbory / Adresáre] *****
Adresár Nájdené : C:\ProgramData\InstallMate
Adresár Nájdené : C:\Users\Luko\AppData\Roaming\OpenCandy
Súbor Nájdené : C:\END
***** [Registre] *****
Kľúe Nájdené : HKCU\Software\AppDataLow\Software\SmartBar
Kľúe Nájdené : HKCU\Software\Conduit
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Kľúe Nájdené : HKLM\Software\Conduit
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Kľúe Nájdené : HKLM\SOFTWARE\Software
***** [Internetové prehliadaee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registre sú eisté.
-\\ Google Chrome v26.0.1410.64
Súbor : C:\Users\Luko\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Súbor je eistý.
*************************
AdwCleaner[R1].txt - [1561 octets] - [18/04/2013 22:56:35]
########## EOF - C:\AdwCleaner[R1].txt - [1621 octets] ##########
Re: preventivka notebook
Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.Tentokrat kliknete na Smazat
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.
Pak novy log z RSITPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
luko
- Návštěvník
- Příspěvky: 151
- Registrován: 01 říj 2005 16:52
- Bydliště: Poprad
- Kontaktovat uživatele:
Re: preventivka notebook
# AdwCleaner v2.200 - Log vytvorený 19/04/2013 o 14:47:50
# Aktualizované 02/04/2013 Xplode
# Operaený systém : Windows 7 Ultimate Service Pack 1 (32 bits)
# Uživateľ : Luko - LUKO-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Luko\Desktop\adwcleaner.exe
# Voľba [Vymaza?]
***** [Služby] *****
***** [Súbory / Adresáre] *****
Adresár Vymazané : C:\ProgramData\InstallMate
Adresár Vymazané : C:\Users\Luko\AppData\Roaming\OpenCandy
Súbor Vymazané : C:\END
***** [Registre] *****
Kľúe Vymazané : HKCU\Software\AppDataLow\Software\SmartBar
Kľúe Vymazané : HKCU\Software\Conduit
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Kľúe Vymazané : HKLM\Software\Conduit
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Kľúe Vymazané : HKLM\SOFTWARE\Software
***** [Internetové prehliadaee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registre sú eisté.
-\\ Google Chrome v26.0.1410.64
Súbor : C:\Users\Luko\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Súbor je eistý.
*************************
AdwCleaner[R1].txt - [1690 octets] - [18/04/2013 22:56:35]
AdwCleaner[S1].txt - [1491 octets] - [19/04/2013 14:47:50]
########## EOF - C:\AdwCleaner[S1].txt - [1551 octets] ##########
# Aktualizované 02/04/2013 Xplode
# Operaený systém : Windows 7 Ultimate Service Pack 1 (32 bits)
# Uživateľ : Luko - LUKO-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Luko\Desktop\adwcleaner.exe
# Voľba [Vymaza?]
***** [Služby] *****
***** [Súbory / Adresáre] *****
Adresár Vymazané : C:\ProgramData\InstallMate
Adresár Vymazané : C:\Users\Luko\AppData\Roaming\OpenCandy
Súbor Vymazané : C:\END
***** [Registre] *****
Kľúe Vymazané : HKCU\Software\AppDataLow\Software\SmartBar
Kľúe Vymazané : HKCU\Software\Conduit
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Kľúe Vymazané : HKLM\Software\Conduit
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Kľúe Vymazané : HKLM\SOFTWARE\Software
***** [Internetové prehliadaee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registre sú eisté.
-\\ Google Chrome v26.0.1410.64
Súbor : C:\Users\Luko\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Súbor je eistý.
*************************
AdwCleaner[R1].txt - [1690 octets] - [18/04/2013 22:56:35]
AdwCleaner[S1].txt - [1491 octets] - [19/04/2013 14:47:50]
########## EOF - C:\AdwCleaner[S1].txt - [1551 octets] ##########
Přispějete na provoz fóra?
