Zdravím
Posielam tie dva logy
OTL logfile created on: 5. 6. 2014 9:25:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aquapro\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
1,24 Gb Total Physical Memory | 0,34 Gb Available Physical Memory | 27,67% Memory free
2,48 Gb Paging File | 1,41 Gb Available in Paging File | 56,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 2,91 Gb Free Space | 9,95% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 30,64 Gb Free Space | 67,73% Space Free | Partition Type: NTFS
Computer Name: AQUAPRO-PC | User Name: Aquapro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/06/05 09:22:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aquapro\Downloads\OTL (1).exe
PRC - [2014/05/27 13:45:35 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2014/05/27 13:45:15 | 000,425,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2014/05/27 13:45:10 | 000,737,872 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014/05/27 13:45:10 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2014/05/14 01:40:56 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/05/09 08:10:39 | 000,263,048 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
PRC - [2014/04/25 11:56:12 | 012,971,328 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2014/04/25 11:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/04/25 11:42:00 | 000,238,400 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/01/29 19:13:12 | 001,668,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
PRC - [2013/01/29 19:13:12 | 001,093,744 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
PRC - [2012/08/03 09:01:00 | 003,801,736 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2014/05/14 01:40:54 | 000,414,536 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll
MOD - [2014/05/14 01:40:50 | 004,217,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll
MOD - [2014/05/14 01:40:43 | 001,732,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
MOD - [2013/03/04 10:25:00 | 000,193,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\d2574c8ae333ff959be2e0d83121ad10\CustomMarshalers.ni.dll
MOD - [2013/03/04 08:40:45 | 013,006,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2013/03/04 08:40:14 | 001,651,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2013/03/04 08:37:15 | 007,025,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2013/03/04 08:36:49 | 009,000,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2013/03/04 08:36:23 | 014,415,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2011/06/22 12:46:12 | 000,434,016 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2011/05/31 16:45:50 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2009/02/26 14:46:56 | 000,064,344 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
========== Services (SafeList) ==========
SRV - [2014/05/27 13:45:35 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/05/27 13:45:10 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/05/14 10:43:30 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/25 11:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/01/21 16:49:26 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Aquapro\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2014/05/27 13:45:11 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2014/05/27 13:45:10 | 000,093,528 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/10/01 13:48:39 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/12/12 14:33:20 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.sys -- (SSPORT)
DRV - [2012/08/27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/10/12 22:15:06 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2009/07/14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3035887750-930535871-2281112751-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.dalesearch.com/?babsrc=HP_ss ... 0&tsp=5008
IE - HKU\S-1-5-21-3035887750-930535871-2281112751-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 BF 9D 85 50 AD CE 01 [binary data]
IE - HKU\S-1-5-21-3035887750-930535871-2281112751-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3035887750-930535871-2281112751-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3035887750-930535871-2281112751-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" =
http://www.dalesearch.com/?q={searchTer ... 0&tsp=5008
IE - HKU\S-1-5-21-3035887750-930535871-2281112751-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3035887750-930535871-2281112751-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2013/09/17 15:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/12 10:27:46 | 000,093,976 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\nppluginrichmediaplayer.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Aquapro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Disk Google = C:\Users\Aquapro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Aquapro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: HÄľadaĹĄ v Google = C:\Users\Aquapro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: PeĹaĹľenka Google = C:\Users\Aquapro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Aquapro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Abstract-Blue = C:\Users\Aquapro\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.1_0\
O1 HOSTS File: ([2013/01/21 14:22:38 | 000,000,864 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Rich Media Downloader) - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Aquapro\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3035887750-930535871-2281112751-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3035887750-930535871-2281112751-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm File not found
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm File not found
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm File not found
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll File not found
O9 - Extra Button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Aquapro\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll File not found
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52D93D49-56B4-4A68-B328-853B23519C88}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/06/05 09:24:54 | 000,000,000 | ---D | C] -- C:\_OTL
========== Files - Modified Within 30 Days ==========
[2014/06/05 09:30:19 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/06/05 09:16:50 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/05 08:48:01 | 000,014,336 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/05 08:48:01 | 000,014,336 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/05 08:41:27 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/05 08:41:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/05 08:40:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/05 08:39:57 | 999,952,384 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/27 13:45:11 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2014/05/27 13:45:10 | 000,093,528 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2014/05/26 08:18:25 | 000,002,147 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/14 10:43:22 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/05/14 10:43:22 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/05/07 11:36:34 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/05/07 11:36:34 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
========== Files Created - No Company Name ==========
[2014/06/05 09:00:34 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/11/11 14:47:26 | 000,000,132 | ---- | C] () -- C:\Users\Aquapro\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/08/13 15:19:07 | 000,153,151 | ---- | C] () -- C:\Users\Aquapro\Karol Roubal.jpeg
[2013/03/12 08:17:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/03/12 08:17:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/03/12 08:17:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/03/12 08:17:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/03/12 08:17:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/02/08 12:33:29 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013/02/08 12:28:56 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013/01/28 14:16:47 | 000,022,723 | ---- | C] () -- C:\Windows\System32\ssw1ml3.dll
[2013/01/22 10:16:12 | 000,036,864 | ---- | C] () -- C:\Windows\System32\SvcMan.exe
[2013/01/22 10:11:45 | 000,471,040 | ---- | C] () -- C:\Windows\ssndii.exe
[2013/01/22 10:07:42 | 000,124,792 | ---- | C] () -- C:\Windows\WiaInst.exe
[2013/01/22 10:07:21 | 000,011,264 | R--- | C] () -- C:\Windows\System32\sssegfilter.dll
[2013/01/22 10:07:20 | 000,027,136 | R--- | C] () -- C:\Windows\System32\ssimgfilter.dll
[2013/01/22 10:07:20 | 000,010,752 | R--- | C] () -- C:\Windows\System32\sserrhandler.dll
[2013/01/22 10:07:19 | 000,217,088 | R--- | C] () -- C:\Windows\System32\ssminidriver.dll
[2012/12/12 14:30:44 | 000,094,208 | ---- | C] () -- C:\Windows\System32\ssdevm.dll
========== ZeroAccess Check ==========
[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/11/11 14:12:05 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Azureus
[2013/09/17 15:39:50 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Babylon
[2013/09/17 14:53:59 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\BSplayer
[2013/09/17 14:52:30 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\BSplayer Pro
[2013/01/21 15:55:26 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\GHISLER
[2013/02/28 14:48:47 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\IrfanView
[2013/10/16 13:51:34 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Notepad++
[2013/08/20 11:53:25 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\OpenOffice
[2013/03/20 10:50:17 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Opera
[2013/09/17 14:54:19 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Radiocom
[2013/02/04 16:13:20 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Samsung
[2013/06/13 07:55:24 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Softplicity
[2014/05/02 08:13:39 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Solvusoft
[2013/10/30 15:04:21 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Stylus Studio
[2013/09/17 15:48:37 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Systweak
[2014/04/14 10:50:51 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\TeamViewer
[2013/03/11 11:56:31 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\TestApp
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009/07/14 06:53:46 | 000,032,584 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013/01/21 11:54:37 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/01/21 11:54:38 | 000,000,926 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/01/21 15:51:39 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\erdnt\cache\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SERVICES.EXE >
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2012/03/30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\erdnt\cache\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012/03/30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< >
< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013/11/12 11:53:46 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Adobe
[2013/05/20 07:39:44 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Avira
[2013/03/06 09:46:41 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\AVS4YOU
[2013/11/11 14:12:05 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Azureus
[2013/09/17 15:39:50 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Babylon
[2013/09/17 14:53:59 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\BSplayer
[2013/09/17 14:52:30 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\BSplayer Pro
[2013/01/21 15:55:26 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\GHISLER
[2013/01/21 11:45:55 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Identities
[2013/02/28 14:48:47 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\IrfanView
[2009/07/14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Media Center Programs
[2013/11/11 14:59:25 | 000,000,000 | --SD | M] -- C:\Users\Aquapro\AppData\Roaming\Microsoft
[2013/10/16 13:51:34 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Notepad++
[2013/08/20 11:53:25 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\OpenOffice
[2013/03/20 10:50:17 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Opera
[2013/09/17 14:54:19 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Radiocom
[2013/02/04 16:13:20 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Samsung
[2013/06/13 07:55:24 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Softplicity
[2014/05/02 08:13:39 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Solvusoft
[2013/10/30 15:04:21 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Stylus Studio
[2013/09/17 15:48:37 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\Systweak
[2014/04/14 10:50:51 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\TeamViewer
[2013/03/11 11:56:31 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\TestApp
[2013/01/22 09:25:34 | 000,000,000 | ---D | M] -- C:\Users\Aquapro\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2013/01/21 13:44:33 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\Aquapro\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2009/08/11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Aquapro\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009/08/11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Aquapro\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010/03/22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Aquapro\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012/10/11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Aquapro\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010/08/14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Aquapro\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010/08/14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Aquapro\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010/08/14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Aquapro\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010/09/30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Aquapro\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2013/02/07 11:45:34 | 000,022,486 | R--- | M] () -- C:\Users\Aquapro\AppData\Roaming\Microsoft\Installer\{5FF3B3AC-57B8-4DAA-915C-D580D1B72716}\_B9D5F7C55C2563F1929ED8.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 03:15:20 | 000,380,957 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\system32\expsrv.dll
< %systemroot%\Tasks\*.job >
[2014/06/05 09:41:47 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/06/05 08:41:27 | 000,000,922 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/06/05 09:16:50 | 000,000,926 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 03:15:20 | 000,380,957 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\system32\expsrv.dll
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014/06/05 08:48:01 | 000,014,336 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/05 08:48:01 | 000,014,336 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013/01/21 16:55:34 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=B201AF83DF2E85323E29EB83E4046810 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2013/03/20 10:49:51 | 000,879,456 | ---- | M] (Opera Software) MD5=2ABD166EC31BE154D8CBEEC5D7F5714C -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014/05/14 01:40:56 | 000,860,488 | ---- | M] (Google Inc.) MD5=1620FE36666F4BBC2314B7F360FB1965 -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/06/05 09:30:19 | 000,000,512 | ---- | M] () MD5=A67192784F19B9F86A3D988D1F4CBCBE -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2014/05/27 13:45:16 | 000,044,112 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2014/05/27 13:45:17 | 000,494,672 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2014/05/27 13:45:17 | 000,193,104 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2012/02/23 08:11:56 | 000,078,336 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012/02/23 08:11:56 | 000,155,136 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012/02/23 08:11:56 | 000,117,248 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2006/10/26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/07/18 23:33:32 | 000,008,787 | ---- | M] () -- \Program Files\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2013/07/10 22:08:32 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice 4\program\javaloader.uno.dll
[2013/07/16 15:31:10 | 000,005,813 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.py
[2013/07/10 22:08:34 | 000,020,992 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.uno.dll
[2013/07/16 16:44:12 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.uno.ini
[2013/07/16 15:21:10 | 000,003,868 | ---- | M] () -- \Program Files\OpenOffice 4\program\classes\unoloader.jar
[2013/07/10 15:46:18 | 000,013,420 | ---- | M] () -- \Program Files\OpenOffice 4\program\python-core-2.7.5\lib\unittest\loader.py
[2010/06/28 11:01:54 | 000,032,509 | ---- | M] () -- \Program Files\Stylus Studio X15 XML Enterprise Suite\Components\DataDirect XQuery\examples\DataLoader\dataloader.jar
[2013/09/17 15:40:38 | 000,001,048 | ---- | M] () -- \Users\Aquapro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FU93LIYK\downloader[1].htm
[2013/09/18 07:42:03 | 000,019,497 | ---- | M] () -- \Users\Aquapro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FU93LIYK\loader[1].gif
[2013/09/17 15:40:08 | 000,001,048 | ---- | M] () -- \Users\Aquapro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M491K0X8\downloader[1].htm
[2013/09/17 14:50:08 | 000,022,002 | ---- | M] () -- \Users\Aquapro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M491K0X8\ProgressLoader[1].gif
[2013/09/17 15:37:44 | 000,077,247 | ---- | M] () -- \Users\Aquapro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M491K0X8\universaldownloader-prefetch[1].htm
[2013/01/21 11:48:48 | 000,002,545 | ---- | M] () -- \Users\Aquapro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E54JQN1L\ajax-loader[1].gif
[2013/01/21 11:46:48 | 000,016,948 | ---- | M] () -- \Users\Aquapro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E54JQN1L\loader[1].gif
[2013/01/21 11:49:55 | 000,003,705 | ---- | M] () -- \Users\Aquapro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q6OI7UB8\lang_loader[1].gif
[2013/07/03 13:51:14 | 000,155,928 | ---- | M] () -- \Users\Aquapro\AppData\Local\Rich Media Player\{B1820CFD-FC69-4DEF-8388-6E80E20E5731}\IE\RichMediaDownloader.dll
[2013/09/17 14:49:57 | 000,006,494 | ---- | M] () -- \Users\Aquapro\AppData\Local\Temp\avg_a01676\ProgData\AVG SafeGuard toolbar\FireFoxExt\14.0.0.12\modules\skin\ajax-loader.gif
[2013/09/17 14:49:58 | 000,000,729 | ---- | M] () -- \Users\Aquapro\AppData\Local\Temp\avg_a01676\ProgData\AVG SafeGuard toolbar\FireFoxExt\14.0.0.12\modules\skin\loader.gif
[2013/09/17 14:49:58 | 000,019,497 | ---- | M] () -- \Users\Aquapro\AppData\Local\Temp\avg_a01676\ProgFiles\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013/09/17 14:50:30 | 000,006,494 | ---- | M] () -- \Users\Aquapro\AppData\Local\Temp\avg_a02384\ProgData\AVG SafeGuard toolbar\FireFoxExt\15.4.0.5\modules\skin\ajax-loader.gif
[2013/09/17 14:50:30 | 000,000,729 | ---- | M] () -- \Users\Aquapro\AppData\Local\Temp\avg_a02384\ProgData\AVG SafeGuard toolbar\FireFoxExt\15.4.0.5\modules\skin\loader.gif
[2013/09/17 14:50:30 | 000,019,497 | ---- | M] () -- \Users\Aquapro\AppData\Local\Temp\avg_a02384\ProgFiles\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013/07/23 11:49:28 | 000,051,005 | ---- | M] () -- \Users\Aquapro\AppData\Local\Temp\scoped_dir_3652_4340\richmediadownloader.crx
[2013/09/17 14:53:54 | 000,085,784 | ---- | M] () -- \Users\Aquapro\AppData\Local\Temp\scoped_dir_3652_4340\CRX_INSTALL\nprichmediadownloader.dll
[2013/09/17 14:50:30 | 000,019,497 | ---- | M] () -- \Users\Aquapro\AppData\Local\Temp\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 06:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 06:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 06:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2013/02/08 13:58:29 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2013/02/08 13:58:29 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2013/02/08 13:58:29 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 04:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:45:38 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
========== Files - Unicode (All) ==========
[2013/09/27 08:56:35 | 098,009,570 | ---- | M] ()(C:\Windows\System32\???v) -- C:\Windows\System32\㦲翷v
[2013/09/27 08:56:35 | 098,009,570 | ---- | C] ()(C:\Windows\System32\???v) -- C:\Windows\System32\㦲翷v
[2013/09/25 13:38:42 | 097,729,025 | ---- | M] ()(C:\Windows\System32\???n) -- C:\Windows\System32\㪷䘒n
[2013/09/25 13:38:42 | 097,729,025 | ---- | C] ()(C:\Windows\System32\???n) -- C:\Windows\System32\㪷䘒n
[2013/09/13 07:43:15 | 097,443,711 | ---- | M] ()(C:\Windows\System32\???s) -- C:\Windows\System32\쒝s
[2013/09/13 07:43:15 | 097,443,711 | ---- | C] ()(C:\Windows\System32\???s) -- C:\Windows\System32\쒝s
[2013/09/05 13:41:10 | 096,044,050 | ---- | M] ()(C:\Windows\System32\???~) -- C:\Windows\System32\霷炓~
[2013/09/05 13:41:10 | 096,044,050 | ---- | C] ()(C:\Windows\System32\???~) -- C:\Windows\System32\霷炓~
========== Alternate Data Streams ==========
@Alternate Data Stream - 176 bytes -> C:\Users\Aquapro\Karol Roubal.jpeg:3or4kl4x13tuuug3Byamue2s4b
< End of report >
OTL Extras logfile created on: 5. 6. 2014 9:25:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aquapro\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
1,24 Gb Total Physical Memory | 0,34 Gb Available Physical Memory | 27,67% Memory free
2,48 Gb Paging File | 1,41 Gb Available in Paging File | 56,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 2,91 Gb Free Space | 9,95% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 30,64 Gb Free Space | 67,73% Space Free | Partition Type: NTFS
Computer Name: AQUAPRO-PC | User Name: Aquapro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-3035887750-930535871-2281112751-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015E7412-40E1-406F-81A5-BF8B4A9B6126}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{017355C6-F7CC-42A9-A1C6-965FFE8B56D2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0DD23A1A-4449-44B8-98B7-0719793FE7BB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1F5FFF54-BBE4-450E-97E7-9ADD66FA12CA}" = lport=139 | protocol=6 | dir=in | app=system |
"{22E4098E-D83D-49B0-BAB9-8C73B76C5DFE}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{282EB62F-54AE-43CA-AAC4-F2A7DF128273}" = rport=10243 | protocol=6 | dir=out | app=system |
"{33968FDD-52C2-4D36-B36A-4410BE596183}" = lport=138 | protocol=17 | dir=in | app=system |
"{3B92F708-7833-4B29-96DF-3FB8B0BBCA5E}" = rport=137 | protocol=17 | dir=out | app=system |
"{3F84B0F2-3ED4-42E6-9F50-883266D75BF7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5DF3E32B-25FA-4498-9D8E-C64BCBB833D4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5F1AA003-C8D5-4CB4-B4F1-21D0197ABABE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68A0E905-1525-43AD-8C77-873D04C90C8E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6DC9D8C7-C589-42A3-96FB-5E5C59BEE166}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6F8B7B77-BEC7-4211-A044-10CD5A502004}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{71037E7B-C954-418C-A80D-6A497FC4D803}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{80EA1571-91C7-41A4-A532-F82771F9C00D}" = lport=137 | protocol=17 | dir=in | app=system |
"{997016DD-7A74-478F-A127-9EFD9D0E2249}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A028FA4C-7A2A-4789-ADD9-F91680BD8A17}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A285D855-ADB8-4271-8BC9-5D686CEB4045}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A927027C-F18B-4210-950A-C86C6CE57635}" = rport=445 | protocol=6 | dir=out | app=system |
"{CFF8F688-3D77-49D3-89CF-291D8ABFDD29}" = lport=445 | protocol=6 | dir=in | app=system |
"{D09293CA-C808-4519-A3F9-3A525BDE8082}" = rport=138 | protocol=17 | dir=out | app=system |
"{D263C3E9-B5ED-4360-8AD5-5688DDF13FB6}" = rport=139 | protocol=6 | dir=out | app=system |
"{D29AC45E-8CDE-4330-B9B5-C52DAE25A33F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D6112C85-CA94-428D-AEB7-208A8434B227}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{DD9E6A74-B545-4B11-8222-F574F96E83BE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E18A477B-95DC-49EE-8D3A-A0C3F8043C38}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F0ED6AE8-302A-41CD-A399-AC0A71843E50}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F54E6C70-D2DC-4398-ACD4-B1D47C47A7E3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F93B36FC-A09E-4D0C-BF2E-0F328353E446}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FBECBEAF-B913-4C0F-9830-0DA14C28DF4A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF4FCE12-2CDC-434F-A3B3-BCB8A60C3657}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05355789-26D8-4DAC-96B6-882C6EB59F9A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1965D479-239B-4062-A654-797A01CD7DB8}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{1EBA1E9C-FBF6-4B36-B4DB-9871F2EFB3CD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{228AB0D0-AD96-46D9-937B-4C272260881E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{31E228F8-BAC6-43A1-99A8-F3F4A4D9D59C}" = protocol=17 | dir=in | app=c:\users\aquapro\downloads\sweetimsetup (1).exe |
"{3B61501C-897D-4629-9E41-EBB583443812}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3B94BE2A-C207-456B-973A-74FBA559A6F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{46908616-E4D8-47BA-8A28-7546FDBEADBF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{47A5D151-297E-4DFD-B024-3C8D0D055E68}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{54D91071-7F55-4C7F-A510-F070A96EB8CE}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{684CE5F1-ACCA-42E3-9BF6-D99D1ACCD8FA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6E6DDE3E-75AB-4251-8A94-8C281D47A33C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{727141CC-FD1B-4B6B-9E78-B2BE5D42A42C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8436B5FF-3F27-4D1C-A71D-46ACC70867A1}" = protocol=6 | dir=out | app=system |
"{9BD28123-21BC-47FB-AE7A-292F5337B9E3}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{A8A5E9BE-41DE-4EA2-90C4-44815EEB10A3}" = protocol=17 | dir=in | app=c:\program files\samsung\easy printer manager\uninstall.exe |
"{B3AB4959-3607-4296-AB4E-BA191C578E23}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BC902854-5351-4FEC-B8B7-6DA3D07761A0}" = protocol=6 | dir=in | app=c:\program files\samsung\easy printer manager\uninstall.exe |
"{BC9AF06F-F068-4FA3-AF27-96815ADCC95A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{BDBCD9DE-8173-494D-8490-C9F6B797B9D7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C0D3319C-08C7-409F-84FA-25FBDB58B3B9}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C4E5EEDB-AF80-40D6-822E-30160682433D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D055067A-D3BD-48BF-8E54-A497C7C42BA0}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{DDD3EEB3-31AF-499D-8A8C-C959FF771105}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E61F9B0C-1E57-40E8-9E6F-942787BFE28A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E6526107-DF7A-4DCB-92AC-DFC300093CF8}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{EE955526-CBC2-4812-877F-9A8AC5B7DA5F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F55E4066-1BD2-49BA-97F0-AE3D4661310D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F7A81FDD-57F0-407B-BF69-BFE825EC2A9A}" = protocol=6 | dir=in | app=c:\users\aquapro\downloads\sweetimsetup (1).exe |
"TCP Query User{F60B9329-2B56-4C2E-AB78-0868CAA61117}C:\program files\stylus studio 2009 release 2 xml enterprise suite\bin\struzzo.exe" = protocol=6 | dir=in | app=c:\program files\stylus studio 2009 release 2 xml enterprise suite\bin\struzzo.exe |
"UDP Query User{A25C0B2B-2531-4670-ACE6-27B856697C29}C:\program files\stylus studio 2009 release 2 xml enterprise suite\bin\struzzo.exe" = protocol=17 | dir=in | app=c:\program files\stylus studio 2009 release 2 xml enterprise suite\bin\struzzo.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 55
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{50D887F4-9A93-46BD-AFA1-60C611A9990F}" = Stylus Studio X15 XML Enterprise Suite
"{5FF3B3AC-57B8-4DAA-915C-D580D1B72716}" = Datecs
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROPLUS_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{B645BA5F-A4CD-44B8-BE37-A0F6BDF4A6D3}" = OpenOffice 4.0.0
"{B8EC0AD1-E8E3-42C3-9BAB-6A14E96FD136}" = Microsoft Mouse and Keyboard Center
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FD3E4B4E-9486-4556-96C5-5B7DD0101D63}" = ExpressShip
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"BSPlayerf" = BS.Player FREE
"Google Chrome" = Google Chrome
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Notepad++" = Notepad++
"Opera 12.14.1738" = Opera 12.14
"PROPLUS" = Microsoft Office Professional Plus 2007
"Samsung SCX-4x21 Series" = Samsung SCX-4x21 Series
"TeamViewer 9" = TeamViewer 9
"Totalcmd" = Total Commander (Remove or Repair)
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 15. 5. 2014 18:33:43 | Computer Name = Aquapro-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\totalcmd\TCUNIN64.EXE".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 18. 5. 2014 3:21:31 | Computer Name = Aquapro-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\totalcmd\TCUNIN64.EXE".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 20. 5. 2014 2:26:10 | Computer Name = Aquapro-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\totalcmd\TCUNIN64.EXE".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 26. 5. 2014 3:02:53 | Computer Name = Aquapro-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\totalcmd\TCUNIN64.EXE".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 26. 5. 2014 6:44:05 | Computer Name = Aquapro-PC | Source = MsiInstaller | ID = 11706
Description =
Error - 27. 5. 2014 2:39:44 | Computer Name = Aquapro-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\totalcmd\TCUNIN64.EXE".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 28. 5. 2014 6:03:45 | Computer Name = Aquapro-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\totalcmd\TCUNIN64.EXE".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 3. 6. 2014 4:06:47 | Computer Name = Aquapro-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\totalcmd\TCUNIN64.EXE".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 4. 6. 2014 5:12:32 | Computer Name = Aquapro-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\totalcmd\TCUNIN64.EXE".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5. 6. 2014 3:21:59 | Computer Name = Aquapro-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.69.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: d1c Start Time:
01cf808ad166608d Termination Time: 36 Application Path: C:\Users\Aquapro\Downloads\OTL.exe
Report
Id:
[ OSession Events ]
Error - 28. 1. 2013 9:46:37 | Computer Name = Aquapro-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.4518.1014. This session lasted 2369
seconds with 0 seconds of active time. This session ended with a crash.
Error - 4. 2. 2014 10:04:41 | Computer Name = Aquapro-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21737
seconds with 1020 seconds of active time. This session ended with a crash.
Error - 11. 2. 2014 9:18:18 | Computer Name = Aquapro-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 13. 1. 2014 2:46:09 | Computer Name = Aquapro-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Peer Networking Identity Manager, od ktorej závisí
služba Peer Networking Grouping, zlyhalo kvôli nasledujúcej chybe: %%1053
Error - 13. 1. 2014 2:46:09 | Computer Name = Aquapro-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Peer Networking Identity Manager, od ktorej závisí
služba Peer Name Resolution Protocol, zlyhalo kvôli nasledujúcej chybe: %%1053
Error - 13. 1. 2014 7:59:41 | Computer Name = Aquapro-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 15. 1. 2014 8:34:00 | Computer Name = Aquapro-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 16. 1. 2014 4:46:30 | Computer Name = Aquapro-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 17. 1. 2014 2:41:33 | Computer Name = Aquapro-PC | Source = Service Control Manager | ID = 7011
Description = Počas čakania na odpoveď transakcie od služby Netman bol dosiahnutý
časový limit (30000 ms).
Error - 17. 1. 2014 2:41:33 | Computer Name = Aquapro-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Network Connections zlyhalo kvôli nasledujúcej chybe:
%%1053
Error - 17. 1. 2014 2:41:33 | Computer Name = Aquapro-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Network Connections, od ktorej závisí služba Internet
Connection Sharing (ICS), zlyhalo kvôli nasledujúcej chybe: %%1053
Error - 17. 1. 2014 8:05:58 | Computer Name = Aquapro-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 21. 1. 2014 4:52:10 | Computer Name = Aquapro-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
< End of report >