Zdravím, mám problem s virem ST. Včera jsem to vyřešil s RSIT, ale dnes už to tak lehce nešlo. Prosím o radu, díky.
Tady ještě 2 logy:
1.
Logfile of random's system information tool 1.06 (written by random/random)
Run by hp at 2010-05-04 17:44:52
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 221 GB (46%) free of 477 GB
Total RAM: 3070 MB (83% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-327595103-1516075565-1027953969-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-327595103-1516075565-1027953969-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL [2009-10-01 70992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2009-10-01 452016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-10-30 333192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50d0cd27-d4ef-4a21-917e-a1573771def4}]
forumswatcher.com Toolbar - C:\Program Files\forumswatcher.com\tbforu.dll [2008-11-23 1784856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{669163c1-c4b9-46de-ad62-a0271d3a0a75}]
USARadioNow Toolbar - C:\Program Files\USARadioNow\tbUSAR.dll [2009-01-07 1880600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-01 279664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-01 812528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d9c9a8c9-460d-4343-888e-ae02bcc3ce57}]
speedapps Toolbar - C:\Program Files\speedapps\tbspee.dll [2008-08-20 1780248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-17 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo Layers - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll [2010-03-18 194912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
{d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - speedapps Toolbar - C:\Program Files\speedapps\tbspee.dll [2008-08-20 1780248]
{50d0cd27-d4ef-4a21-917e-a1573771def4} - forumswatcher.com Toolbar - C:\Program Files\forumswatcher.com\tbforu.dll [2008-11-23 1784856]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-10-30 333192]
{669163c1-c4b9-46de-ad62-a0271d3a0a75} - USARadioNow Toolbar - C:\Program Files\USARadioNow\tbUSAR.dll [2009-01-07 1880600]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2009-10-01 452016]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-01 279664]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EPGServiceTool"=C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe [2008-05-15 688128]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-03 13683232]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-03 92704]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-02-21 1093208]
"MyWebSearch Plugin"=rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF []
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe [2009-10-01 24688]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2009-10-01 32838]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-17 149280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-25 39408]
"Steam"=c:\program files\steam\steam.exe [2010-04-27 1238352]
"Google Update"=C:\Users\hp\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-25 133104]
"RGSC"=D:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-13 306088]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"PC Suite Tray"=D:\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-12-03 1205760]
"IEPR"=C:\Users\hp\AppData\Local\TempImages\IEPR.exe [2008-11-26 24576]
"iOmem"=C:\Users\hp\AppData\Local\TempImages\iOmem101.exe [2009-01-04 53248]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2009-10-01 32838]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-10-09 25623336]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-03-28 133368]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"38963029"=C:\ProgramData\38963029\38963029.exe [2010-05-04 1010176]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TotalMedia Backup Monitor.lnk - D:\ArcSoft\TotalMedia Backup\uBBMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{9DCB0AE8-633C-B1D2-29E1-3A811135D25A}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ec6f71de-c45d-11dd-9cc1-806e6f6e6963}]
shell\AutoRun\command - F:\Installer.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-05-04 17:44:52 ----D---- C:\rsit
2010-05-04 17:44:52 ----D---- C:\Program Files\trend micro
2010-05-04 17:42:27 ----A---- C:\Windows\ntbtlog.txt
2010-05-04 15:30:48 ----D---- C:\ProgramData\38963029
2010-04-14 18:12:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-14 18:12:43 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-14 18:12:41 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-04-14 18:12:38 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 18:11:37 ----A---- C:\Windows\system32\wintrust.dll
2010-04-14 18:11:35 ----A---- C:\Windows\system32\cabview.dll
2010-04-07 14:52:28 ----D---- C:\Users\hp\AppData\Roaming\GRETECH
======List of files/folders modified in the last 1 months======
2010-05-04 17:44:52 ----RD---- C:\Program Files
2010-05-04 17:42:27 ----AD---- C:\Windows
2010-05-04 17:41:09 ----D---- C:\Users\hp\AppData\Roaming\ICQ
2010-05-04 17:40:54 ----D---- C:\Windows\Prefetch
2010-05-04 17:40:49 ----D---- C:\Windows\Temp
2010-05-04 17:20:11 ----D---- C:\Windows\Tasks
2010-05-04 17:16:44 ----D---- C:\Windows\System32
2010-05-04 17:16:44 ----D---- C:\Windows\inf
2010-05-04 17:16:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-04 17:11:18 ----D---- C:\Program Files\Steam
2010-05-04 17:10:57 ----D---- C:\Program Files\WinTV
2010-05-04 15:38:12 ----D---- C:\ProgramData\Google Updater
2010-05-04 15:30:48 ----HD---- C:\ProgramData
2010-05-04 15:24:26 ----SHD---- C:\System Volume Information
2010-05-03 21:17:50 ----AD---- C:\ProgramData\TEMP
2010-05-02 15:57:01 ----D---- C:\Windows\system32\catroot2
2010-05-02 10:58:07 ----D---- C:\Program Files\Common Files\Steam
2010-05-01 20:15:24 ----SHD---- C:\Windows\Installer
2010-04-29 17:52:25 ----RSD---- C:\Windows\Fonts
2010-04-29 17:26:47 ----D---- C:\Windows\winsxs
2010-04-28 16:26:52 ----D---- C:\Windows\system32\catroot
2010-04-17 11:58:34 ----D---- C:\Program Files\Google
2010-04-15 17:20:45 ----D---- C:\Windows\system32\drivers
2010-04-15 17:20:45 ----D---- C:\Program Files\Windows Mail
2010-04-13 20:43:36 ----D---- C:\World of Warcraft
2010-04-06 19:52:54 ----A---- C:\Windows\system32\mrt.exe
2010-04-05 03:51:43 ----D---- C:\Users\hp\AppData\Roaming\Skype
2010-04-05 02:43:40 ----D---- C:\Users\hp\AppData\Roaming\skypePM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2009-02-07 2911848]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [1999-09-10 25244]
S1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
S1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-12-02 149040]
S3 cpuz130;cpuz130; \??\C:\Users\hp\AppData\Local\Temp\cpuz130\cpuz_x32.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [2007-09-25 15152]
S3 dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-09-17 27672]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:\Windows\system32\drivers\HCW85BDA.sys [2007-10-01 1129344]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-12-02 42368]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-03 7643904]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-03-02 29184]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-12-09 17904]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2009-02-07 304528]
S2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S2 EPGService;EPGService; C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe [2008-05-30 437248]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-07 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
S2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [2009-10-01 28762]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-03 207392]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-09-02 654848]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-05-01 390952]
-----------------EOF-----------------
2.
info.txt logfile of random's system information tool 1.06 2010-05-04 17:44:57
======Uninstall list======
-->MsiExec /X{85EBB283-65AF-4C53-9EBE-7C0A232762F7}
µTorrent CZ 1.8.1 (build 12639)-->"D:\uTorrent\unins000.exe"
Acker DVD to PSP Converter v2.0-->"C:\Program Files\Acker DVD to PSP Converter v2.0\unins000.exe"
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Shockwave Player-->C:\Windows\System32\Macromed\SHOCKW~2\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~2\Install.log
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
AGEIA PhysX v7.03.21-->MsiExec.exe /X{85EBB283-65AF-4C53-9EBE-7C0A232762F7}
AIDA32 v3.80-->"C:\Program Files\AIDA32 - Enterprise System Information\unins000.exe"
AoA Audio Extractor 1.0-->"D:\AoA Audio Extractor\unins000.exe"
ArcSoft TotalMedia Backup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A8019072-B760-47E2-9BDD-DF94B4FBFFBB}\Setup.exe" -l0x9
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{3E62B27C-342F-4B44-9331-CA4BC59A586F}
Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Assassin's Creed-->C:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0009 -removeonly
aTube Catcher 1.0-->"C:\Program Files\DsNET Corp\aTube Catcher 1.0\unins000.exe"
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe"
AVS Video Converter 6-->"D:\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Balíček ovladače systému Windows - Nokia Modem (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_ce5ad925\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_674398ba\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
BioShock-->C:\Program Files\InstallShield Installation Information\{E280923D-C5D9-4728-8C79-AC9A0DC75875}\setup.exe -runfromtemp -l0x0009 -removeonly
BSPlayer-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
Camtasia Studio 3-->C:\Program Files\TechSmith\Camtasia Studio 3\CSuninst.EXE
Cartman's Authoritah 1.3-->"C:\Program Files\CartmansAuthoritah\unins000.exe"
CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
Codec Pack - All In 1 6.0.3.0-->C:\Windows\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
EA SPORTS online 2008-->D:\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe
Empire Earth III-->C:\Program Files\InstallShield Installation Information\{B17E235C-7A3B-4482-B650-21FFDE1D452E}\setup.exe -runfromtemp -l0x0005 -removeonly
FlatOut Ultimate Carnage-->D:\Empire Interactive\FlatOut Ultimate Carnage\Uninstall.exe
forumswatcher.com Toolbar-->C:\PROGRA~1\FORUMS~1.COM\UNWISE.EXE /U C:\PROGRA~1\FORUMS~1.COM\INSTALL.LOG
Fraps-->"D:\Fraps\uninstall.exe"
Free Screen Recorder v2.9-->"C:\Program Files\Free Screen Recorder\unins000.exe"
Futuremark SystemInfo-->"C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
GOM Player-->"D:\GRETECH\GomPlayer\Uninstall.exe"
Google Earth-->MsiExec.exe /X{08C0729E-3E50-11DF-9D81-005056806466}
Google SketchUp Pro 7-->MsiExec.exe /I{48E15C9C-E25C-40AD-A46B-AB270729B9B9}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
GTR Evolution Demo Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/8730
Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340
Hauppauge MCE XP/Vista Software Encoder (2.0.26057)-->C:\PROGRA~1\WinTV\UNSftMCE.EXE C:\PROGRA~1\WinTV\softMCE.LOG
Hauppauge WinTV DVB-T EPG Service-->C:\Windows\System32\UNWISE.EXE C:\Windows\System32\UnEPGService.LOG
Hauppauge WinTV Scheduler-->C:\PROGRA~1\WinTV\\SCHEDU~1\uniSCHED.exe C:\PROGRA~1\WinTV\\SCHEDU~1\uniSCHED.log
Hauppauge WinTV Soft PVR-->C:\PROGRA~1\WinTV\UNSftPVR.EXE C:\PROGRA~1\WinTV\softpvr.LOG
Hauppauge WinTV-->C:\PROGRA~1\WinTV\UNTV6.EXE C:\PROGRA~1\WinTV\WINTV6.LOG
Heroes of Newerth-->D:\Heroes of Newerth\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7-->"C:\Program Files\InstallShield Installation Information\{88EB38EF-4D2C-436D-ABD3-56B232674062}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Inkscape 0.45.1-->"D:\Inkscape\uninst.exe"
InterVideo FilterSDK for Hauppauge-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2227E1FA-01F5-483C-AB0E-2A308E900B3D}\setup.exe" REMOVEALL
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
jetAudio Basic-->C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe -runfromtemp -l0x0005 -removeonly
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
LANGMaster Škola DNES-->"D:\LANGMaster Škola DNES\unins000.exe"
LightScribe System Software-->MsiExec.exe /X{CC8E94A2-55C7-4460-953C-2A790180578C}
liteCAM Evaluation-->C:\Program Files\InstallShield Installation Information\{864785DF-6D78-4A38-B66F-845BC5741843}\setup.exe -runfromtemp -l0x0009 -removeonly
Little Fighter 2 1.9c-->D:\LittleFighter2\LF2_v1.9c\uninst.exe
Mafia-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\Cenega Czech\Mafia\Uninstall\setup.exe" -l0x5
MAGIX Movie Edit Pro 11 e-version (US)-->D:\MAGIX\Movie_Edit_Pro_11_e-version\instslct.exe
MediaCoder 0.7.1.4490-->C:\Program Files\MediaCoder\uninst.exe
Menu Templates - Starter Kit-->MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C}
Mercenaries 2: World in Flames(tm)-->MsiExec.exe /X{26FDF89A-FA65-4FA2-8522-37CC84DFDCEE}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Antimalware-->MsiExec.exe /X{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office PowerPoint Viewer 2007 (Czech)-->MsiExec.exe /X{95120000-00AF-0405-0000-0000000FF1CE}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
Microsoft Security Essentials-->MsiExec.exe /I{EF98A02A-1748-4762-9B7D-5ED1600520D5}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
MIKSOFT Mobile AMR converter-->"C:\Program Files\MIKSOFT\Mobile AMR converter\unins000.exe"
Movie Templates - Starter Kit-->MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0}
Mozilla Firefox (3.0.5)-->D:\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
My Web Search (MyWebFace)-->rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsbar.dll,O
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Need for Speed Underground 2-->D:\EA GAMES\Need for Speed Underground 2\EAUninstall.exe
Need for Speed™ Most Wanted-->C:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe
Nero 9 Trial-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-2085-KK25-2LEE-0UHL-8MPA-6H4U-EHAL"
Nero BurnRights-->MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB}
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}
Nero Disc Copy Gadget-->MsiExec.exe /X{F1861F30-3419-44DB-B2A1-C274825698B3}
Nero DiscSpeed-->MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C}
Nero DriveSpeed-->MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A}
Nero InfoTool-->MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero PhotoSnap-->MsiExec.exe /X{9E82B934-9A25-445B-B8DF-8012808074AC}
Nero Recode-->MsiExec.exe /X{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}
Nero Rescue Agent-->MsiExec.exe /X{368BA326-73AD-4351-84ED-3C0A7A52CC53}
Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B}
Nero WaveEditor-->MsiExec.exe /X{A209525B-3377-43F4-B886-32F6B6E7356F}
NeroBurningROM-->MsiExec.exe /X{D025A639-B9C9-417D-8531-208859000AF8}
NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Next Video Converter 2.1.0-->"D:\Next Video Converter\unins000.exe"
NHL® 08-->MsiExec.exe /X{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}
Nokia PC Suite-->C:\ProgramData\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Nokia_PC_Suite_7_1_18_0_cze.exe
Nokia PC Suite-->MsiExec.exe /I{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
OneClick PSP Video Converter 2.6-->C:\Program Files\OneClick PSP Video Converter\Uninst.exe
Opera 10.51-->MsiExec.exe /X{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}
PC Connectivity Solution-->MsiExec.exe /I{D848D140-41C3-4A53-86D8-E866A100B4CD}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Pinnacle VideoSpin-->MsiExec.exe /X{4EDB1CA5-983F-4FC3-A8E3-E34981E05A60}
Pivot Stickfigure Animator-->MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}
PowerArchiver-->D:\PowerArchiver\UNINST.EXE
PSP Video 9 4.06-->D:\Red Kawa\Video Converter App\uninstaller.exe
PSP Video Express(remove only)-->"D:\PQDVD\PSPVideoExpress\bt-uninst.exe"
rajče beta53 sestavení 101-->"C:\Program Files\rajce\unins000.exe"
Right Click Image Converter-->"C:\Program Files\Kristanix\Right Click Image Converter\uninstall.exe"
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
S.T.A.L.K.E.R. - Shadow of Chernobyl-->C:\Program Files\InstallShield Installation Information\{F38759F8-02B5-4829-B27A-20E2F0E269B2}\setup.exe -runfromtemp -l0x0405
Scorpions WinCheater-->"D:\Scorpions WinCheater\unins000.exe"
SearchInOneStep 1.0 build 177-->C:\Program Files\SearchIn1Step\uninstall.exe
Shockwave-->C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
SimplyCapture-->"C:\Windows\SimplyCapture\uninstall.exe" "/U:C:\Program Files\SimplyCapture\irunin.xml"
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoundTrax-->MsiExec.exe /X{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}
SP Penis Mouse Screen Saver-->C:\Windows\system32\SP Penis Mouse.scr /u
speedapps Toolbar-->C:\PROGRA~1\SPEEDA~1\UNWISE.EXE C:\PROGRA~1\SPEEDA~1\INSTALL.LOG
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Tahák 2.6-->D:\Tahák 2.6\uninstall.exe
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
The Sims 2-->C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
Tony Hawk's American Wasteland (TM)-->MsiExec.exe /I{3293C06B-003F-4027-8380-FFD79E38167D}
Unreal Tournament 3-->"C:\Program Files\Steam\steam.exe" steam://uninstall/13210
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
USARadioNow Toolbar-->C:\PROGRA~1\USARAD~1\UNWISE.EXE /U C:\PROGRA~1\USARAD~1\INSTALL.LOG
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Ventrilo-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Video Karaoke Studio II-->C:\Program Files\Video Karaoke Studio II\setup.exe /u
VideoPad Video Editor-->C:\Program Files\NCH Software\VideoPad\uninst.exe
VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VoD Maker-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A2EC1D87-728F-40F7-85B5-97483D89073D}\Setup.exe" -l0x9
Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
Winamp Toolbar-->"C:\Program Files\Winamp Toolbar\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}
Windows Live Fotogalerie-->MsiExec.exe /X{1D097338-B4FA-4F29-9C43-8D7A970A007E}
Windows Live Mail-->MsiExec.exe /I{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}
Windows Live Messenger-->MsiExec.exe /X{71E40B32-5173-4538-8996-5822DD18E8D4}
Windows Live Sync-->MsiExec.exe /X{068B46A0-8858-4CEB-80BC-A4AE787A05FC}
Windows Live Writer-->MsiExec.exe /X{479A749B-1684-4881-8266-BF8DD22251E7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
XP Codec Pack-->C:\Program Files\XP Codec Pack\Uninstall.exe
Yontoo Layers Client 1.10.01-->C:\PROGRA~2\TARMAI~1\{889DF~1\Setup.exe /remove /q0
YouTube Downloader App 1.02-->C:\Program Files\Regensoft\Downloader App\uninstaller.exe
Hosts File Missing
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: hp-PC
Event Code: 1103
Message: Počítači byla úspěšně přidělena adresa ze sítě, takže se nyní může připojovat k jiným počítačům.
Record Number: 124255
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20091002163127.000000-000
Event Type: Informace
User:
Computer Name: hp-PC
Event Code: 4201
Message: Systém zjistil, že síťový adaptér Bezdrátové připojení k síti byl připojen k síti a inicializoval normální činnost.
Record Number: 124254
Source Name: Tcpip
Time Written: 20091002163124.024249-000
Event Type: Informace
User:
Computer Name: hp-PC
Event Code: 4201
Message: Systém zjistil, že síťový adaptér Bezdrátové připojení k síti byl připojen k síti a inicializoval normální činnost.
Record Number: 124253
Source Name: Tcpip
Time Written: 20091002163124.024249-000
Event Type: Informace
User:
Computer Name: hp-PC
Event Code: 1003
Message: Nebylo možno obnovit adresu počítače ze sítě (ze serveru DHCP) pro síťovou kartu s adresou 0016446B031B. Došlo k následující chybě:
Uživatel operaci zrušil.. Počítač se bude pokoušet získat síťovou adresu samostatně ze serveru DHCP.
Record Number: 124252
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20091002163124.000000-000
Event Type: Upozornění
User:
Computer Name: hp-PC
Event Code: 20003
Message: Správa ovladačů ukončila proces přidání služby tunnel pro ID instance zařízení ROOT\*ISATAP\0055 s následujícím stavem: 0.
Record Number: 124251
Source Name: Microsoft-Windows-User-PnP
Time Written: 20091002163116.271249-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: 26L2233B2-11
Event Code: 1003
Message: Služba Windows Search byla spuštěna.
Record Number: 5
Source Name: Microsoft-Windows-Search
Time Written: 20080924135216.000000-000
Event Type: Informace
User:
Computer Name: 26L2233B2-11
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20080924135215.000000-000
Event Type: Informace
User:
Computer Name: LH-XWW1HIRDXW3C
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 3
Source Name: Microsoft-Windows-EventSystem
Time Written: 20080924135211.000000-000
Event Type: Informace
User:
Computer Name: LH-XWW1HIRDXW3C
Event Code: 900
Message: Služba Licencování softwaru se spouští.
Record Number: 2
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20080924135211.000000-000
Event Type: Informace
User:
Computer Name: LH-XWW1HIRDXW3C
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20080924135210.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: hp-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: HP-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x248
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 26911
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714191001.107396-000
Event Type: Úspěch auditu
User:
Computer Name: hp-PC
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: HP-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Účet, jehož pověření bylo použito:
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Cílový server:
Název cílového serveru: localhost
Další informace: localhost
Informace o procesu:
ID procesu: 0x248
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Síťová adresa: -
Port: -
Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 26910
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714191001.107396-000
Event Type: Úspěch auditu
User:
Computer Name: hp-PC
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.
Počet prvků: 0
ID zásady: 0xf2b9
Record Number: 26909
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714191000.374191-000
Event Type: Úspěch auditu
User:
Computer Name: hp-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 0
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x4
Název procesu:
Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 26908
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714191000.311791-000
Event Type: Úspěch auditu
User:
Computer Name: hp-PC
Event Code: 4608
Message: Spouští se systém Windows.
Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 26907
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090714191000.311791-000
Event Type: Úspěch auditu
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Pinnacle\Shared Files\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 2 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0202
"NUMBER_OF_PROCESSORS"=4
"RGSCLauncher"=D:\Rockstar Games\Rockstar Games Social Club
"RGSC"=D:\Rockstar Games\Rockstar Games Social Club\1_0_0_0
"SAFEBOOT_OPTION"=MINIMAL
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Security Tool
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13493
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Security Tool
Zdravím 
Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy. Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
- Spusťte, poté do spodního políčka vložte následující skript.
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT - Označte položku Pro všechny uživatele.
- Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Re: Security Tool
OTL logfile created on: 5.5.2010 16:40:04 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\hp\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 212,09 Gb Free Space | 45,54% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 275,77 Gb Free Space | 59,21% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 7,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 3,73 Gb Total Space | 0,46 Gb Free Space | 12,28% Space Free | Partition Type: FAT32
Computer Name: HP-PC
Current User Name: hp
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.05.05 16:21:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
PRC - [2010.05.01 12:36:01 | 000,390,952 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2010.04.27 11:03:02 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010.03.28 14:39:17 | 000,133,368 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.0\ICQ.exe
PRC - [2010.03.19 11:39:13 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\hp\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010.02.21 06:03:12 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010.02.01 21:50:57 | 000,298,608 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009.12.09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009.10.01 18:29:15 | 000,032,838 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
PRC - [2009.10.01 18:29:15 | 000,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
PRC - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.01.04 17:18:26 | 000,053,248 | ---- | M] (Simple) -- C:\Users\hp\AppData\Local\TempImages\iOmem101.exe
PRC - [2008.12.03 13:47:34 | 001,205,760 | ---- | M] (Nokia) -- D:\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2008.11.26 13:02:38 | 000,024,576 | ---- | M] () -- C:\Users\hp\AppData\Local\TempImages\IEPR.exe
PRC - [2008.11.11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.10.25 13:04:27 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008.09.19 09:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.06.10 19:26:28 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.06.03 09:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files\WinTV\EPG Services\System\EPGService.exe
PRC - [2008.05.15 15:30:36 | 000,688,128 | ---- | M] (Hauppauge Inc.) -- C:\Program Files\WinTV\EPG Services\System\EPGClient.exe
PRC - [2007.05.10 13:39:30 | 000,315,392 | ---- | M] (ArcSoft, Inc.) -- D:\ArcSoft\TotalMedia Backup\uBBMonitor.exe
========== Modules (SafeList) ==========
MOD - [2010.05.05 16:21:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.05.01 12:36:01 | 000,390,952 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.12.09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.09.02 20:55:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009.02.07 14:28:22 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2008.11.11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.06.10 19:26:28 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files\WinTV\EPG Services\System\EPGService.exe -- (EPGService)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2009.12.02 16:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009.12.02 16:23:40 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009.04.11 06:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvuků USB (WDM)
DRV - [2009.03.02 13:41:49 | 000,029,184 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VClone.sys -- (VClone)
DRV - [2009.02.17 19:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009.02.07 14:28:22 | 002,911,848 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2008.12.03 00:11:00 | 007,643,904 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.09.15 08:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.09.15 08:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.09.15 08:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.09.15 08:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.26 09:17:30 | 000,493,568 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2007.10.01 10:21:08 | 001,129,344 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2007.09.25 16:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [1999.09.10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI32)
========== Standard Registry (SafeList) ==========
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\hp\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 212,09 Gb Free Space | 45,54% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 275,77 Gb Free Space | 59,21% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 7,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 3,73 Gb Total Space | 0,46 Gb Free Space | 12,28% Space Free | Partition Type: FAT32
Computer Name: HP-PC
Current User Name: hp
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.05.05 16:21:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
PRC - [2010.05.01 12:36:01 | 000,390,952 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2010.04.27 11:03:02 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010.03.28 14:39:17 | 000,133,368 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.0\ICQ.exe
PRC - [2010.03.19 11:39:13 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\hp\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010.02.21 06:03:12 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010.02.01 21:50:57 | 000,298,608 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009.12.09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009.10.01 18:29:15 | 000,032,838 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
PRC - [2009.10.01 18:29:15 | 000,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
PRC - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.01.04 17:18:26 | 000,053,248 | ---- | M] (Simple) -- C:\Users\hp\AppData\Local\TempImages\iOmem101.exe
PRC - [2008.12.03 13:47:34 | 001,205,760 | ---- | M] (Nokia) -- D:\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2008.11.26 13:02:38 | 000,024,576 | ---- | M] () -- C:\Users\hp\AppData\Local\TempImages\IEPR.exe
PRC - [2008.11.11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.10.25 13:04:27 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008.09.19 09:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.06.10 19:26:28 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.06.03 09:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files\WinTV\EPG Services\System\EPGService.exe
PRC - [2008.05.15 15:30:36 | 000,688,128 | ---- | M] (Hauppauge Inc.) -- C:\Program Files\WinTV\EPG Services\System\EPGClient.exe
PRC - [2007.05.10 13:39:30 | 000,315,392 | ---- | M] (ArcSoft, Inc.) -- D:\ArcSoft\TotalMedia Backup\uBBMonitor.exe
========== Modules (SafeList) ==========
MOD - [2010.05.05 16:21:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.05.01 12:36:01 | 000,390,952 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.12.09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.09.02 20:55:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009.02.07 14:28:22 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2008.11.11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.06.10 19:26:28 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files\WinTV\EPG Services\System\EPGService.exe -- (EPGService)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2009.12.02 16:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009.12.02 16:23:40 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009.04.11 06:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvuků USB (WDM)
DRV - [2009.03.02 13:41:49 | 000,029,184 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VClone.sys -- (VClone)
DRV - [2009.02.17 19:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009.02.07 14:28:22 | 002,911,848 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2008.12.03 00:11:00 | 007,643,904 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.09.15 08:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.09.15 08:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.09.15 08:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.09.15 08:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.26 09:17:30 | 000,493,568 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2007.10.01 10:21:08 | 001,129,344 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2007.09.25 16:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [1999.09.10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI32)
========== Standard Registry (SafeList) ==========
Re: Security Tool
OTL Extras logfile created on: 5.5.2010 16:40:04 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\hp\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 212,09 Gb Free Space | 45,54% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 275,77 Gb Free Space | 59,21% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 7,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 3,73 Gb Total Space | 0,46 Gb Free Space | 12,28% Space Free | Partition Type: FAT32
Computer Name: HP-PC
Current User Name: hp
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12558CE0-BDD6-43AF-BEF2-2F6D4EC3F88E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17B0CD85-1117-4D96-97D1-DA83F92EE19B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{248AC2BA-DB01-452F-8066-DA09508FEECC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32A0DF93-4BD5-4450-88F3-6AE49629FFB0}" = lport=6884 | protocol=6 | dir=in | name=blizzard downloader: 6884 |
"{35A998B6-4A11-4AF4-A325-5FD7E471232F}" = rport=445 | protocol=6 | dir=out | app=system |
"{40AA7FF8-8D79-4179-9671-BFD17C12D7B3}" = lport=138 | protocol=17 | dir=in | app=system |
"{45515A4B-CE77-4C5C-941E-79998C252D14}" = lport=6882 | protocol=6 | dir=in | name=blizzard downloader: 6882 |
"{48D276E1-1132-4EB0-B58C-29D3817BF958}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{4DEB8C1C-6909-4182-82C1-134F69F2C0B0}" = lport=139 | protocol=6 | dir=in | app=system |
"{50C49DAA-A99A-4229-987E-759A1CA15149}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{54461928-99D5-42DC-991B-31C604D5A81F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5810C478-18F1-4940-8416-649E96429D03}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{780E97E3-F5FF-46AB-A458-349C805B0B82}" = rport=10243 | protocol=6 | dir=out | app=system |
"{78A0C7C7-96F2-45B9-898D-B33FF8206A18}" = rport=137 | protocol=17 | dir=out | app=system |
"{80659ED3-B46D-4467-8D77-BFAABDB5C5B4}" = rport=139 | protocol=6 | dir=out | app=system |
"{8B23FFC0-44A3-4B25-9EFA-9E6B4CD62DF9}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 |
"{9B61B82E-384E-4A5F-B1C1-2536131B7DEF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AA3FC834-813E-41E1-BA20-6352DE5C4C06}" = lport=445 | protocol=6 | dir=in | app=system |
"{ACF2A98E-A5C4-4CFF-A6BB-3931CB2C3DE4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B2C3B00A-0F07-472D-95F7-8804A8DAE827}" = lport=137 | protocol=17 | dir=in | app=system |
"{B8E8CEB3-E660-44FB-905F-C5C345D43E5F}" = lport=6883 | protocol=6 | dir=in | name=blizzard downloader: 6883 |
"{BA907BCF-0BD7-48BC-8C7C-E8B25EF0816B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C10259FB-860F-4163-8EE4-E3B3EFFB32C5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E34A8E3C-7536-46A1-94B9-950BAEA1D998}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FAC10A4A-9BEC-47AB-B27B-401E1AC0789D}" = rport=138 | protocol=17 | dir=out | app=system |
"{FDA9F532-EBD1-4CEC-B637-E41F96393C00}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FDC41E-CA7B-40EE-856A-EC2295FAA886}" = protocol=17 | dir=in | app=d:\empire interactive\flatout ultimate carnage\fouc.exe |
"{062D0342-2833-4181-B273-B715751F7A75}" = protocol=6 | dir=in | app=d:\pinnacle\videospin\programs\umi.exe |
"{067B17D1-C905-4C74-8E69-B7C0702EFF2E}" = protocol=6 | dir=in | app=d:\pinnacle\videospin\programs\videospin.exe |
"{0746FCEF-9292-4D7F-A2AA-7F97A965E442}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{09D2E6B9-3DA1-4A57-86E3-CBA2F3EFC918}" = protocol=17 | dir=in | app=d:\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{126ECA76-920A-45C7-80CB-E75EAEC3582D}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{17B4E47B-C81E-45D9-AB99-9DD058C62EF6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1918C3D5-1A20-4783-89C5-B958408B574C}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{1C8B3ABC-3E4C-46B6-9959-EFC02BBFB46D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1D2F7CB0-E88D-4B03-81D9-B065000F9B2C}" = protocol=6 | dir=in | app=d:\utorrent\utorrent.exe |
"{248478EA-06EC-4FAC-AF36-E3A2664E2593}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{290EC802-3B05-4D48-A0B2-DFDBB2CE0753}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{2A5C1C09-806F-48DA-955A-7B5FBF69C237}" = protocol=6 | dir=in | app=d:\pinnacle\videospin\programs\pmsregisterfile.exe |
"{2B79F02D-E5F1-41B5-9DDD-86841C1DF16B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{2BAE17E0-1A52-4AD6-A068-2B0E5831097C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2D3F70DC-96FB-439B-BBE2-EBC962766871}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2D56360F-ECE5-4344-81FE-985C3376FB6E}" = protocol=6 | dir=in | app=c:\program files\sierra entertainment\empire earth iii\ee3.exe |
"{331C784E-0D72-4522-A590-6983A4DAEB30}" = protocol=6 | dir=in | app=d:\pinnacle\videospin\programs\rm.exe |
"{33F46E0D-0376-4BA7-A3A8-CD985EEA9CCE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{34327B0F-242D-4D5F-9280-4D188F0D14BE}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{3703EE6F-50B8-4B4A-AC23-2B085A0B5DE0}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9464-to-3.0.8.9506-engb-downloader.exe |
"{3B3AA973-BBB1-4B49-B261-5BF65A847DEE}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9835-to-3.1.2.9901-engb-downloader.exe |
"{4007774A-B920-4F5F-92C8-532129BE0E9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{41AF1A33-7C35-4006-815A-CC11069A70D3}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{43E763C4-3702-4A64-BEF3-DBB51AA41942}" = protocol=6 | dir=in | app=d:\rockstar games\rockstar games social club\rgsclauncher.exe |
"{4721B9A7-5560-4D08-BC5C-2AF0F73EFA74}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4855ED06-1620-4A48-86EE-406AE491C982}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{493ED084-A0A8-4923-BF79-4DD5CB5B6338}" = protocol=6 | dir=in | app=d:\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{4D7510A6-C69D-45D0-9E34-06BEE412A6B1}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{56D171BB-1E62-419C-99E4-123336DA82F3}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.0.9767-to-3.1.1.9806-engb-downloader.exe |
"{5800C274-D3D3-461E-A3AF-24714215A9FC}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"{585D1681-9FCF-4DA4-B212-FEF42C337F17}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{603656EF-ED21-4078-A2A3-9067DD728B7B}" = protocol=17 | dir=in | app=c:\motogp\motogp 08\launcher.exe |
"{618FDAA7-7A72-4BEE-8A2F-574047A04862}" = protocol=17 | dir=in | app=d:\rockstar games\rockstar games social club\rgsclauncher.exe |
"{61B20E34-028F-4E31-B7D9-9C4E81E66A36}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{669C23A4-4FFD-4890-BF77-2D247C9F78D9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{69CDC63D-D760-4FEA-B826-327B43DEDA67}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{71DBA55F-C685-46A5-9E8F-FD44F19FA7A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{783E0B19-C658-4D1D-A112-4984D2418056}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{7974D887-0320-4D18-8220-FD985F816A34}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{79CDAF48-DA65-44B3-B209-2E60C7E0DF51}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{8147F451-BC18-4367-A9EB-CD4F7D18781D}" = protocol=6 | dir=in | app=d:\empire interactive\flatout ultimate carnage\fouc.exe |
"{84DE5B8C-D897-4FF0-AD5F-2020490CBE00}" = protocol=17 | dir=in | app=d:\pinnacle\videospin\programs\videospin.exe |
"{85C45C0D-A4FE-4852-B67C-200DB643002A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{874DFD4E-08B9-46E6-A77D-234B5C4A3E88}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{89E26A43-B6D0-49A4-A80C-7CE3CEAA7B86}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{8DE2772F-E15C-4B3B-9633-70BB19D3E3A2}" = protocol=17 | dir=in | app=d:\pinnacle\videospin\programs\pmsregisterfile.exe |
"{9200EB90-7A05-47C9-83C1-15C525E3C5EB}" = protocol=6 | dir=out | app=system |
"{92C85624-6089-448A-9EA0-0E20D9A93FCA}" = protocol=17 | dir=in | app=d:\utorrent\utorrent.exe |
"{982A6ECC-0280-4B09-A468-382203203492}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9464-to-3.0.8.9506-engb-downloader.exe |
"{9A19D9D4-88BF-4A01-A205-04F6A192F9AE}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9835-to-3.1.2.9901-engb-downloader.exe |
"{9AC12045-CEA5-4166-AD1A-F98AF3BB3571}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{9C12CF1B-1E20-4824-A541-4A66F6A014D3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A0EA8889-7C4B-4AD4-A7F3-E9E84E5FC8A4}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-engb-downloader.exe |
"{A7092E82-6A66-4830-B4E2-1A851D141607}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{A9744B2C-6B56-4EB7-BC17-79B8626BA7A7}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9806-to-3.1.1.9835-engb-downloader.exe |
"{ABA79DAB-B2B2-4498-A2B5-02180D58283C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9806-to-3.1.1.9835-engb-downloader.exe |
"{AECE8EE8-37AD-4DDB-B252-A755982614B3}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{B548C2DD-EF1C-4791-86C0-89E613ADC309}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BBCC5872-9C96-40C9-9F64-A3CD136D7FCE}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{BE78CBC5-4774-4DE6-823C-95B766F3C49D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"{BF4B2891-1C1D-4D8F-8DD6-CEA5A7880CF5}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{BF667755-8DE4-4ACD-AF2C-E1246D503224}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dandis237\gtr evolution demo dedicated server\gtrevo_demo_dedicated_steam.exe |
"{C3640585-E556-4565-A558-8F0803B45CF6}" = protocol=6 | dir=in | app=c:\motogp\motogp 08\launcher.exe |
"{C8174A7F-8599-4501-B35A-0AFCEAE7A978}" = protocol=17 | dir=in | app=d:\pinnacle\videospin\programs\umi.exe |
"{CA3CD0E1-338F-40A1-A67E-A01FC228A20F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CB5467A0-3BC9-4C9B-8793-025EBDF21778}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{CE8369BC-7505-49A5-A0CD-2E92D4EA70E4}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{CF722DB1-C968-4165-8462-D89EBB7C4AAD}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-engb-downloader.exe |
"{D7575C8A-B925-44F3-BC3B-9580B48B84A4}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.0.9767-to-3.1.1.9806-engb-downloader.exe |
"{D8727CC9-7EF9-412B-9B89-CBA9AD144E87}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
"{D9F80302-6055-49BC-A99D-C13C6A678827}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DBB9791B-438F-45A8-B0F2-D266088E986B}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{DD21549D-8E2B-45E1-9874-F052CF26E367}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{E1075933-616F-4FC5-AC3F-2238FC8EC754}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
"{E1C31EBF-EC05-41AF-B255-C8FFC9165865}" = protocol=17 | dir=in | app=d:\pinnacle\videospin\programs\rm.exe |
"{E3992A93-4F6C-4CF3-BFDB-7AEB3B816294}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{E496BDB1-90E2-459A-ABDA-7A288EBB70B8}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{E56A8CA9-1255-4732-BF54-B6A8075DCFBD}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{EDFCB674-3169-477D-A113-4991EEFC66A9}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{EE2AFC73-182B-44CB-9D81-8F99F1961638}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{F3EAAB48-68BD-4313-AD88-7072EF953EFC}" = protocol=17 | dir=in | app=c:\program files\sierra entertainment\empire earth iii\ee3.exe |
"{F5CE6695-A189-4CE7-A825-F47A72596722}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dandis237\gtr evolution demo dedicated server\gtrevo_demo_dedicated_steam.exe |
"{FAC5A3F4-51CC-4CCC-9319-47570EB0613F}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{FBF530EA-662A-483A-B620-1BE661B53CB5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{0545FAAE-BD97-4F7E-B469-419B3AF08904}D:\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{1859D5F7-E62A-4C3A-890C-13AF53E38E1A}D:\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=d:\heroes of newerth\hon.exe |
"TCP Query User{1F5D7416-ACEE-4D63-AF7A-05D2916433CF}D:\world of warcraft\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe |
"TCP Query User{2D1A6FC0-6F9E-48A3-8C6F-AD42B159FFD1}D:\world of warcraft\wow-2.4.2-engb-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-2.4.2-engb-downloader.exe |
"TCP Query User{2D39821E-1F53-4A32-8C07-C9B7CB597117}D:\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=d:\electronic arts\eadm\core.exe |
"TCP Query User{3B1560BD-96E5-4BBD-814D-EEEC94CF8887}C:\users\hp\appdata\local\temp\blizzard launcher temporary - e61f1590\launcher.exe" = protocol=6 | dir=in | app=c:\users\hp\appdata\local\temp\blizzard launcher temporary - e61f1590\launcher.exe |
"TCP Query User{4C586539-8766-4654-AB99-D0336F8903F2}D:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"TCP Query User{568A0FD4-34EC-430F-8382-DF646185CA7F}C:\users\hp\desktop\wow-2.4.2-engb-downloader.exe" = protocol=6 | dir=in | app=c:\users\hp\desktop\wow-2.4.2-engb-downloader.exe |
"TCP Query User{5B1FECAB-69AF-4042-9111-44B6EA94956F}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{5CD08A56-A0C6-49B6-B596-9E7340015F66}D:\záloha wowa\world of warcraft\wow-2.4.2-engb-downloader.exe" = protocol=6 | dir=in | app=d:\záloha wowa\world of warcraft\wow-2.4.2-engb-downloader.exe |
"TCP Query User{60B99A11-9843-4731-B173-22718FC9D350}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{6CC086A2-B460-4F56-9D68-1D7DA20AE036}D:\aspyr media, inc\thaw\game\thaw.exe" = protocol=6 | dir=in | app=d:\aspyr media, inc\thaw\game\thaw.exe |
"TCP Query User{71FFED68-5C26-4C08-B46F-6E59C6008164}D:\opera\opera.exe" = protocol=6 | dir=in | app=d:\opera\opera.exe |
"TCP Query User{7BAA1429-1B58-4F84-B3E2-7749FD4DECCC}D:\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=d:\electronic arts\eadm\core.exe |
"TCP Query User{81019EFF-38A8-4CF3-AA57-7A13813BA962}C:\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\icq6.5\icq.exe |
"TCP Query User{835A7ADE-B2F4-4F8B-A315-DF22DD86EFE9}K:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=6 | dir=in | app=k:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"TCP Query User{8B4BCB50-A85F-4F91-BE43-E478143C29A5}C:\users\hp\appdata\local\microsoft\windows\temporary internet files\content.ie5\n9iu8j71\wow-language-pack-engb-downloader[1].exe" = protocol=6 | dir=in | app=c:\users\hp\appdata\local\microsoft\windows\temporary internet files\content.ie5\n9iu8j71\wow-language-pack-engb-downloader[1].exe |
"TCP Query User{97849064-6089-438E-A889-782BD15EBC93}C:0\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe" = protocol=6 | dir=in | app=c:0\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe |
"TCP Query User{9CEA875B-46DE-464C-AD62-122CE1A5143E}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{A75B9E20-0486-41BA-8DA9-FB6D4F7BAE99}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{A816FDF2-D253-4E54-8BD2-5278BD97D749}D:\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=d:\mozilla firefox\firefox.exe |
"TCP Query User{B3D86EDA-C940-4477-BB52-3F72AB2B3DD0}C:0\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=6 | dir=in | app=c:0\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"TCP Query User{BD06A7E1-5F57-4BAE-8702-433B75279469}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"TCP Query User{C442F14A-A2A8-40D1-8F20-4BAE6CF03DE8}C:\program files\steam\steamapps\dandis237\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dandis237\counter-strike source\hl2.exe |
"TCP Query User{C797E8C5-9E43-4339-93B3-63E1744E510B}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{DFA06440-43E9-4E13-9FB7-8FD00F0FB421}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{DFA65D8C-B3EF-406C-9115-A33C3C061047}K:\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe" = protocol=6 | dir=in | app=k:\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe |
"TCP Query User{E2355AB2-0907-4ADA-BCB0-8C567003E195}C:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe |
"TCP Query User{E67DA380-9286-4D31-8175-49B771B78BA4}C:\program files\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\repair.exe |
"TCP Query User{EC24D254-9092-4776-99FE-5DDC7A3305DC}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"TCP Query User{F3246920-70B2-491A-90BC-788369455D09}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"TCP Query User{F61A7ECF-2226-429D-8C4F-430F7A478AD7}K:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=6 | dir=in | app=k:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"UDP Query User{04318E26-74FB-4668-A1A5-91F6D97C6092}D:\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=d:\electronic arts\eadm\core.exe |
"UDP Query User{0A1D3F6B-8A44-42E1-9745-448E1FD1D9A1}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{1354A288-DDA1-4785-BBED-4EECACD5C2A1}C:\program files\steam\steamapps\dandis237\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dandis237\counter-strike source\hl2.exe |
"UDP Query User{1463A660-6AC5-4CE3-8450-37EE82EDAEA3}D:\opera\opera.exe" = protocol=17 | dir=in | app=d:\opera\opera.exe |
"UDP Query User{14F512CA-33FA-4079-A6D0-8C96B7AB73B4}K:\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe" = protocol=17 | dir=in | app=k:\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe |
"UDP Query User{30626230-7E47-4998-8C55-8D322E1668F2}C:\users\hp\desktop\wow-2.4.2-engb-downloader.exe" = protocol=17 | dir=in | app=c:\users\hp\desktop\wow-2.4.2-engb-downloader.exe |
"UDP Query User{368617F6-3A2A-4A01-BB47-11CC1D9DF2CD}D:\aspyr media, inc\thaw\game\thaw.exe" = protocol=17 | dir=in | app=d:\aspyr media, inc\thaw\game\thaw.exe |
"UDP Query User{3FD8A40C-0AE6-437E-AD4C-13C5CB7384FD}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"UDP Query User{48E670F9-BB4E-4ADA-A913-E63AD4385667}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{5084BE6C-53F5-4B06-A8EC-DF5D57B1242F}C:0\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=17 | dir=in | app=c:0\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"UDP Query User{549899EE-1C80-436A-A29B-F3E9BAB477A6}C:\users\hp\appdata\local\microsoft\windows\temporary internet files\content.ie5\n9iu8j71\wow-language-pack-engb-downloader[1].exe" = protocol=17 | dir=in | app=c:\users\hp\appdata\local\microsoft\windows\temporary internet files\content.ie5\n9iu8j71\wow-language-pack-engb-downloader[1].exe |
"UDP Query User{5950104D-B878-4FBC-AF73-CECCF6424BD3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{5FD61549-09DE-4A92-B98C-08197F068CB3}C:0\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe" = protocol=17 | dir=in | app=c:0\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe |
"UDP Query User{627921C7-03A2-4E83-AFA8-ABA326838957}D:\world of warcraft\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe |
"UDP Query User{6BA5DB02-0378-4376-B590-7E3ECD317F54}D:\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=d:\electronic arts\eadm\core.exe |
"UDP Query User{7317FFBF-81D0-4C38-AE43-ABEC7B32E5FF}D:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{8373F594-2C17-44FA-871D-C6233E6D57B1}D:\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{9E4D8620-6F38-47C6-91E6-6237C17FCD49}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{A45A1FE0-E8FB-4E3C-827E-A22917CE26F6}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"UDP Query User{C298F2D4-52B7-4616-B9DF-FFDF43D765FB}C:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe |
"UDP Query User{CA1C3742-ADB3-4EB2-9ECA-ACC6E173344C}C:\program files\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\repair.exe |
"UDP Query User{CA564CB0-E216-4017-8E96-8563932ACB95}C:\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\icq6.5\icq.exe |
"UDP Query User{CB312EF8-2F2A-4A3B-B33A-B8F5E1EE5712}C:\users\hp\appdata\local\temp\blizzard launcher temporary - e61f1590\launcher.exe" = protocol=17 | dir=in | app=c:\users\hp\appdata\local\temp\blizzard launcher temporary - e61f1590\launcher.exe |
"UDP Query User{CB6DF14C-75AD-46B3-9006-73ADC4248E1A}D:\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=d:\mozilla firefox\firefox.exe |
"UDP Query User{D387B37A-C17D-4887-806E-85C4570F6250}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{E0AF33F9-F34A-48D7-A858-DC9AFFEDA6E5}K:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=17 | dir=in | app=k:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"UDP Query User{E2DC8FAA-CEAB-4092-88F4-43A6A09A336E}D:\záloha wowa\world of warcraft\wow-2.4.2-engb-downloader.exe" = protocol=17 | dir=in | app=d:\záloha wowa\world of warcraft\wow-2.4.2-engb-downloader.exe |
"UDP Query User{E5EC4DE8-90E6-4127-AF9C-8493D186437D}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"UDP Query User{E7783AD6-8BE8-429B-8105-912A258CE913}K:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=17 | dir=in | app=k:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"UDP Query User{ED2863C0-1E9A-454C-BD98-F30783D1BF9A}D:\world of warcraft\wow-2.4.2-engb-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-2.4.2-engb-downloader.exe |
"UDP Query User{F6CE0F91-8853-46C2-8A85-21CCE5F070D3}D:\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=d:\heroes of newerth\hon.exe |
"UDP Query User{FE4405CC-AD9B-492A-B596-731CE1E77224}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{26FDF89A-FA65-4FA2-8522-37CC84DFDCEE}" = Mercenaries 2: World in Flames(tm)
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2AD89908-0987-4B9E-8AB4-905899E4D754}_is1" = Next Video Converter 2.1.0
"{3293C06B-003F-4027-8380-FFD79E38167D}" = Tony Hawk's American Wasteland (TM)
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{48E15C9C-E25C-40AD-A46B-AB270729B9B9}" = Google SketchUp Pro 7
"{4EDB1CA5-983F-4FC3-A8E3-E34981E05A60}" = Pinnacle VideoSpin
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}" = Nokia PC Suite
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85EBB283-65AF-4C53-9EBE-7C0A232762F7}" = AGEIA PhysX v7.03.21
"{864785DF-6D78-4A38-B66F-845BC5741843}" = liteCAM Evaluation
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Client 1.10.01
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A2EC1D87-728F-40F7-85B5-97483D89073D}" = VoD Maker
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}" = NHL® 08
"{A8019072-B760-47E2-9BDD-DF94B4FBFFBB}" = ArcSoft TotalMedia Backup
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B17E235C-7A3B-4482-B650-21FFDE1D452E}" = Empire Earth III
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{c8986bf7-5c85-40d2-83a6-0c8db1028ac0}" = Nero 9 Trial
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F38759F8-02B5-4829-B27A-20E2F0E269B2}" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"µTorrent CZ_is1" = µTorrent CZ 1.8.1 (build 12639)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Acker DVD to PSP Converter v2.0_is1" = Acker DVD to PSP Converter v2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AIDA32_is1" = AIDA32 v3.80
"AoA Audio Extractor_is1" = AoA Audio Extractor 1.0
"Ask Toolbar_is1" = Ask Toolbar
"Audacity_is1" = Audacity 1.2.6
"AviSynth" = AviSynth 2.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"BSPlayer1" = BSPlayer
"Camtasia Studio 3" = Camtasia Studio 3
"Cartman's Authoritah_is1" = Cartman's Authoritah 1.3
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Balíček ovladače systému Windows - Nokia Modem (03/05/2008 3.7)
"CloneDVD2" = CloneDVD2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Balíček ovladače systému Windows - Nokia Modem (03/13/2008 6.86.0.1)
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"forumswatcher.com Toolbar" = forumswatcher.com Toolbar
"Fraps" = Fraps
"Free Screen Recorder_is1" = Free Screen Recorder v2.9
"GOM Player" = GOM Player
"Google Updater" = Google Updater
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.26057)
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV Soft PVR" = Hauppauge WinTV Soft PVR
"HijackThis" = HijackThis 2.0.2
"hon" = Heroes of Newerth
"ICQToolbar" = ICQ Toolbar
"Inkscape" = Inkscape 0.45.1
"InstallShield_{F38759F8-02B5-4829-B27A-20E2F0E269B2}" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"Kristanix Right Click Image Converter" = Right Click Image Converter
"LANGMaster Škola DNES_is1" = LANGMaster Škola DNES
"Little Fighter 2" = Little Fighter 2 1.9c
"MAGIX Movie Edit Pro 11 e-version US" = MAGIX Movie Edit Pro 11 e-version (US)
"MediaCoder" = MediaCoder 0.7.1.4490
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"MIKSOFT Mobile AMR converter_is1" = MIKSOFT Mobile AMR converter
"Mozilla Firefox (3.0.5)" = Mozilla Firefox (3.0.5)
"MyWebSearch bar Uninstall" = My Web Search (MyWebFace)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OneClickPSPVideoConverter" = OneClick PSP Video Converter 2.6
"Picasa 3" = Picasa 3
"PowerArchiver" = PowerArchiver
"PSP Video 9" = PSP Video 9 4.06
"PSPVideoExpress" = PSP Video Express(remove only)
"rajče.net_is1" = rajče beta53 sestavení 101
"Scorpions WinCheater 2.07 (s databází 95)_is1" = Scorpions WinCheater
"SearchIn1Step" = SearchInOneStep 1.0 build 177
"Shockwave" = Shockwave
"SimplyCapture1.3" = SimplyCapture
"SP Penis Mouse" = SP Penis Mouse Screen Saver
"speedapps Toolbar" = speedapps Toolbar
"Steam App 13210" = Unreal Tournament 3
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 8730" = GTR Evolution Demo Dedicated Server
"Tahák 2.6" = Tahák 2.6
"The KMPlayer" = The KMPlayer (remove only)
"USARadioNow Toolbar" = USARadioNow Toolbar
"Video Karaoke Studio II" = Video Karaoke Studio II
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 1.0.2
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"XP Codec Pack" = XP Codec Pack
"YouTube Downloader App" = YouTube Downloader App 1.02
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 27.4.2010 14:23:53 | Computer Name = hp-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul mpeg2dmx.ax, verze 2.0.84.30429, časové razítko 0x3eae72af,
kód výjimky 0xc0000005, posun chyby 0x0000dff3, ID procesu 0x14ac, čas spuštění
aplikace 0x01cae636c8ce742b.
Error - 27.4.2010 14:26:19 | Computer Name = hp-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul mpeg2dmx.ax, verze 2.0.84.30429, časové razítko 0x3eae72af,
kód výjimky 0xc0000005, posun chyby 0x0000dff3, ID procesu 0x3b4, čas spuštění aplikace
0x01cae63721a9f38b.
Error - 27.4.2010 16:11:09 | Computer Name = hp-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul mpeg2dmx.ax, verze 2.0.84.30429, časové razítko 0x3eae72af,
kód výjimky 0xc0000005, posun chyby 0x0000dff3, ID procesu 0x166c, čas spuštění
aplikace 0x01cae645c699e31b.
Error - 28.4.2010 17:32:49 | Computer Name = hp-PC | Source = EventSystem | ID = 4609
Description =
Error - 29.4.2010 11:21:49 | Computer Name = hp-PC | Source = Application Hang | ID = 1002
Description = Program ICQ.exe verze 7.1.0.2096 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 9e0 Čas zahájení: 01cae7af7efd670a Čas ukončení: 102
Error - 2.5.2010 9:19:39 | Computer Name = hp-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 11.0.6002.18111, časové razítko
0x4aa91411, chybující modul ntdll.dll, verze 6.0.6002.18005, časové razítko 0x49e03821,
kód výjimky 0xc0000374, posun chyby 0x000afaf8, ID procesu 0xc8c, čas spuštění aplikace
0x01cae9fa1d3fcbda.
Error - 4.5.2010 11:43:23 | Computer Name = hp-PC | Source = EventSystem | ID = 4609
Description =
Error - 5.5.2010 9:15:58 | Computer Name = hp-PC | Source = EventSystem | ID = 4609
Description =
Error - 5.5.2010 9:26:13 | Computer Name = hp-PC | Source = EventSystem | ID = 4609
Description =
Error - 5.5.2010 9:26:59 | Computer Name = hp-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace GOM.exe, verze 2.1.21.4846, časové razítko 0x4aefd89d,
chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód výjimky
0xc0000005, posun chyby 0x00000000, ID procesu 0x178, čas spuštění aplikace 0x01caec5696f31e20.
[ System Events ]
Error - 5.5.2010 9:27:06 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 5.5.2010 9:27:06 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 5.5.2010 9:32:15 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 5.5.2010 9:32:15 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 5.5.2010 9:32:15 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 5.5.2010 9:32:16 | Computer Name = hp-PC | Source = DCOM | ID = 10010
Description =
Error - 5.5.2010 9:33:02 | Computer Name = hp-PC | Source = DCOM | ID = 10010
Description =
Error - 5.5.2010 9:33:48 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 5.5.2010 9:33:48 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 5.5.2010 9:34:37 | Computer Name = hp-PC | Source = DCOM | ID = 10010
Description =
< End of report >
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\hp\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 212,09 Gb Free Space | 45,54% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 275,77 Gb Free Space | 59,21% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 7,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 3,73 Gb Total Space | 0,46 Gb Free Space | 12,28% Space Free | Partition Type: FAT32
Computer Name: HP-PC
Current User Name: hp
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12558CE0-BDD6-43AF-BEF2-2F6D4EC3F88E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17B0CD85-1117-4D96-97D1-DA83F92EE19B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{248AC2BA-DB01-452F-8066-DA09508FEECC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32A0DF93-4BD5-4450-88F3-6AE49629FFB0}" = lport=6884 | protocol=6 | dir=in | name=blizzard downloader: 6884 |
"{35A998B6-4A11-4AF4-A325-5FD7E471232F}" = rport=445 | protocol=6 | dir=out | app=system |
"{40AA7FF8-8D79-4179-9671-BFD17C12D7B3}" = lport=138 | protocol=17 | dir=in | app=system |
"{45515A4B-CE77-4C5C-941E-79998C252D14}" = lport=6882 | protocol=6 | dir=in | name=blizzard downloader: 6882 |
"{48D276E1-1132-4EB0-B58C-29D3817BF958}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{4DEB8C1C-6909-4182-82C1-134F69F2C0B0}" = lport=139 | protocol=6 | dir=in | app=system |
"{50C49DAA-A99A-4229-987E-759A1CA15149}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{54461928-99D5-42DC-991B-31C604D5A81F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5810C478-18F1-4940-8416-649E96429D03}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{780E97E3-F5FF-46AB-A458-349C805B0B82}" = rport=10243 | protocol=6 | dir=out | app=system |
"{78A0C7C7-96F2-45B9-898D-B33FF8206A18}" = rport=137 | protocol=17 | dir=out | app=system |
"{80659ED3-B46D-4467-8D77-BFAABDB5C5B4}" = rport=139 | protocol=6 | dir=out | app=system |
"{8B23FFC0-44A3-4B25-9EFA-9E6B4CD62DF9}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 |
"{9B61B82E-384E-4A5F-B1C1-2536131B7DEF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AA3FC834-813E-41E1-BA20-6352DE5C4C06}" = lport=445 | protocol=6 | dir=in | app=system |
"{ACF2A98E-A5C4-4CFF-A6BB-3931CB2C3DE4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B2C3B00A-0F07-472D-95F7-8804A8DAE827}" = lport=137 | protocol=17 | dir=in | app=system |
"{B8E8CEB3-E660-44FB-905F-C5C345D43E5F}" = lport=6883 | protocol=6 | dir=in | name=blizzard downloader: 6883 |
"{BA907BCF-0BD7-48BC-8C7C-E8B25EF0816B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C10259FB-860F-4163-8EE4-E3B3EFFB32C5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E34A8E3C-7536-46A1-94B9-950BAEA1D998}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FAC10A4A-9BEC-47AB-B27B-401E1AC0789D}" = rport=138 | protocol=17 | dir=out | app=system |
"{FDA9F532-EBD1-4CEC-B637-E41F96393C00}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FDC41E-CA7B-40EE-856A-EC2295FAA886}" = protocol=17 | dir=in | app=d:\empire interactive\flatout ultimate carnage\fouc.exe |
"{062D0342-2833-4181-B273-B715751F7A75}" = protocol=6 | dir=in | app=d:\pinnacle\videospin\programs\umi.exe |
"{067B17D1-C905-4C74-8E69-B7C0702EFF2E}" = protocol=6 | dir=in | app=d:\pinnacle\videospin\programs\videospin.exe |
"{0746FCEF-9292-4D7F-A2AA-7F97A965E442}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{09D2E6B9-3DA1-4A57-86E3-CBA2F3EFC918}" = protocol=17 | dir=in | app=d:\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{126ECA76-920A-45C7-80CB-E75EAEC3582D}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{17B4E47B-C81E-45D9-AB99-9DD058C62EF6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1918C3D5-1A20-4783-89C5-B958408B574C}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{1C8B3ABC-3E4C-46B6-9959-EFC02BBFB46D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1D2F7CB0-E88D-4B03-81D9-B065000F9B2C}" = protocol=6 | dir=in | app=d:\utorrent\utorrent.exe |
"{248478EA-06EC-4FAC-AF36-E3A2664E2593}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{290EC802-3B05-4D48-A0B2-DFDBB2CE0753}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{2A5C1C09-806F-48DA-955A-7B5FBF69C237}" = protocol=6 | dir=in | app=d:\pinnacle\videospin\programs\pmsregisterfile.exe |
"{2B79F02D-E5F1-41B5-9DDD-86841C1DF16B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{2BAE17E0-1A52-4AD6-A068-2B0E5831097C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2D3F70DC-96FB-439B-BBE2-EBC962766871}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2D56360F-ECE5-4344-81FE-985C3376FB6E}" = protocol=6 | dir=in | app=c:\program files\sierra entertainment\empire earth iii\ee3.exe |
"{331C784E-0D72-4522-A590-6983A4DAEB30}" = protocol=6 | dir=in | app=d:\pinnacle\videospin\programs\rm.exe |
"{33F46E0D-0376-4BA7-A3A8-CD985EEA9CCE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{34327B0F-242D-4D5F-9280-4D188F0D14BE}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{3703EE6F-50B8-4B4A-AC23-2B085A0B5DE0}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9464-to-3.0.8.9506-engb-downloader.exe |
"{3B3AA973-BBB1-4B49-B261-5BF65A847DEE}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9835-to-3.1.2.9901-engb-downloader.exe |
"{4007774A-B920-4F5F-92C8-532129BE0E9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{41AF1A33-7C35-4006-815A-CC11069A70D3}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{43E763C4-3702-4A64-BEF3-DBB51AA41942}" = protocol=6 | dir=in | app=d:\rockstar games\rockstar games social club\rgsclauncher.exe |
"{4721B9A7-5560-4D08-BC5C-2AF0F73EFA74}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4855ED06-1620-4A48-86EE-406AE491C982}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{493ED084-A0A8-4923-BF79-4DD5CB5B6338}" = protocol=6 | dir=in | app=d:\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{4D7510A6-C69D-45D0-9E34-06BEE412A6B1}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{56D171BB-1E62-419C-99E4-123336DA82F3}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.0.9767-to-3.1.1.9806-engb-downloader.exe |
"{5800C274-D3D3-461E-A3AF-24714215A9FC}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"{585D1681-9FCF-4DA4-B212-FEF42C337F17}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{603656EF-ED21-4078-A2A3-9067DD728B7B}" = protocol=17 | dir=in | app=c:\motogp\motogp 08\launcher.exe |
"{618FDAA7-7A72-4BEE-8A2F-574047A04862}" = protocol=17 | dir=in | app=d:\rockstar games\rockstar games social club\rgsclauncher.exe |
"{61B20E34-028F-4E31-B7D9-9C4E81E66A36}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{669C23A4-4FFD-4890-BF77-2D247C9F78D9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{69CDC63D-D760-4FEA-B826-327B43DEDA67}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{71DBA55F-C685-46A5-9E8F-FD44F19FA7A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{783E0B19-C658-4D1D-A112-4984D2418056}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{7974D887-0320-4D18-8220-FD985F816A34}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{79CDAF48-DA65-44B3-B209-2E60C7E0DF51}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{8147F451-BC18-4367-A9EB-CD4F7D18781D}" = protocol=6 | dir=in | app=d:\empire interactive\flatout ultimate carnage\fouc.exe |
"{84DE5B8C-D897-4FF0-AD5F-2020490CBE00}" = protocol=17 | dir=in | app=d:\pinnacle\videospin\programs\videospin.exe |
"{85C45C0D-A4FE-4852-B67C-200DB643002A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{874DFD4E-08B9-46E6-A77D-234B5C4A3E88}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{89E26A43-B6D0-49A4-A80C-7CE3CEAA7B86}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{8DE2772F-E15C-4B3B-9633-70BB19D3E3A2}" = protocol=17 | dir=in | app=d:\pinnacle\videospin\programs\pmsregisterfile.exe |
"{9200EB90-7A05-47C9-83C1-15C525E3C5EB}" = protocol=6 | dir=out | app=system |
"{92C85624-6089-448A-9EA0-0E20D9A93FCA}" = protocol=17 | dir=in | app=d:\utorrent\utorrent.exe |
"{982A6ECC-0280-4B09-A468-382203203492}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9464-to-3.0.8.9506-engb-downloader.exe |
"{9A19D9D4-88BF-4A01-A205-04F6A192F9AE}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9835-to-3.1.2.9901-engb-downloader.exe |
"{9AC12045-CEA5-4166-AD1A-F98AF3BB3571}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{9C12CF1B-1E20-4824-A541-4A66F6A014D3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A0EA8889-7C4B-4AD4-A7F3-E9E84E5FC8A4}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-engb-downloader.exe |
"{A7092E82-6A66-4830-B4E2-1A851D141607}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{A9744B2C-6B56-4EB7-BC17-79B8626BA7A7}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9806-to-3.1.1.9835-engb-downloader.exe |
"{ABA79DAB-B2B2-4498-A2B5-02180D58283C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9806-to-3.1.1.9835-engb-downloader.exe |
"{AECE8EE8-37AD-4DDB-B252-A755982614B3}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{B548C2DD-EF1C-4791-86C0-89E613ADC309}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BBCC5872-9C96-40C9-9F64-A3CD136D7FCE}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{BE78CBC5-4774-4DE6-823C-95B766F3C49D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"{BF4B2891-1C1D-4D8F-8DD6-CEA5A7880CF5}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{BF667755-8DE4-4ACD-AF2C-E1246D503224}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dandis237\gtr evolution demo dedicated server\gtrevo_demo_dedicated_steam.exe |
"{C3640585-E556-4565-A558-8F0803B45CF6}" = protocol=6 | dir=in | app=c:\motogp\motogp 08\launcher.exe |
"{C8174A7F-8599-4501-B35A-0AFCEAE7A978}" = protocol=17 | dir=in | app=d:\pinnacle\videospin\programs\umi.exe |
"{CA3CD0E1-338F-40A1-A67E-A01FC228A20F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CB5467A0-3BC9-4C9B-8793-025EBDF21778}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{CE8369BC-7505-49A5-A0CD-2E92D4EA70E4}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{CF722DB1-C968-4165-8462-D89EBB7C4AAD}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-engb-downloader.exe |
"{D7575C8A-B925-44F3-BC3B-9580B48B84A4}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.0.9767-to-3.1.1.9806-engb-downloader.exe |
"{D8727CC9-7EF9-412B-9B89-CBA9AD144E87}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
"{D9F80302-6055-49BC-A99D-C13C6A678827}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DBB9791B-438F-45A8-B0F2-D266088E986B}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{DD21549D-8E2B-45E1-9874-F052CF26E367}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{E1075933-616F-4FC5-AC3F-2238FC8EC754}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
"{E1C31EBF-EC05-41AF-B255-C8FFC9165865}" = protocol=17 | dir=in | app=d:\pinnacle\videospin\programs\rm.exe |
"{E3992A93-4F6C-4CF3-BFDB-7AEB3B816294}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{E496BDB1-90E2-459A-ABDA-7A288EBB70B8}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{E56A8CA9-1255-4732-BF54-B6A8075DCFBD}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{EDFCB674-3169-477D-A113-4991EEFC66A9}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{EE2AFC73-182B-44CB-9D81-8F99F1961638}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{F3EAAB48-68BD-4313-AD88-7072EF953EFC}" = protocol=17 | dir=in | app=c:\program files\sierra entertainment\empire earth iii\ee3.exe |
"{F5CE6695-A189-4CE7-A825-F47A72596722}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dandis237\gtr evolution demo dedicated server\gtrevo_demo_dedicated_steam.exe |
"{FAC5A3F4-51CC-4CCC-9319-47570EB0613F}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{FBF530EA-662A-483A-B620-1BE661B53CB5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{0545FAAE-BD97-4F7E-B469-419B3AF08904}D:\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{1859D5F7-E62A-4C3A-890C-13AF53E38E1A}D:\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=d:\heroes of newerth\hon.exe |
"TCP Query User{1F5D7416-ACEE-4D63-AF7A-05D2916433CF}D:\world of warcraft\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe |
"TCP Query User{2D1A6FC0-6F9E-48A3-8C6F-AD42B159FFD1}D:\world of warcraft\wow-2.4.2-engb-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-2.4.2-engb-downloader.exe |
"TCP Query User{2D39821E-1F53-4A32-8C07-C9B7CB597117}D:\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=d:\electronic arts\eadm\core.exe |
"TCP Query User{3B1560BD-96E5-4BBD-814D-EEEC94CF8887}C:\users\hp\appdata\local\temp\blizzard launcher temporary - e61f1590\launcher.exe" = protocol=6 | dir=in | app=c:\users\hp\appdata\local\temp\blizzard launcher temporary - e61f1590\launcher.exe |
"TCP Query User{4C586539-8766-4654-AB99-D0336F8903F2}D:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"TCP Query User{568A0FD4-34EC-430F-8382-DF646185CA7F}C:\users\hp\desktop\wow-2.4.2-engb-downloader.exe" = protocol=6 | dir=in | app=c:\users\hp\desktop\wow-2.4.2-engb-downloader.exe |
"TCP Query User{5B1FECAB-69AF-4042-9111-44B6EA94956F}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{5CD08A56-A0C6-49B6-B596-9E7340015F66}D:\záloha wowa\world of warcraft\wow-2.4.2-engb-downloader.exe" = protocol=6 | dir=in | app=d:\záloha wowa\world of warcraft\wow-2.4.2-engb-downloader.exe |
"TCP Query User{60B99A11-9843-4731-B173-22718FC9D350}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{6CC086A2-B460-4F56-9D68-1D7DA20AE036}D:\aspyr media, inc\thaw\game\thaw.exe" = protocol=6 | dir=in | app=d:\aspyr media, inc\thaw\game\thaw.exe |
"TCP Query User{71FFED68-5C26-4C08-B46F-6E59C6008164}D:\opera\opera.exe" = protocol=6 | dir=in | app=d:\opera\opera.exe |
"TCP Query User{7BAA1429-1B58-4F84-B3E2-7749FD4DECCC}D:\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=d:\electronic arts\eadm\core.exe |
"TCP Query User{81019EFF-38A8-4CF3-AA57-7A13813BA962}C:\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\icq6.5\icq.exe |
"TCP Query User{835A7ADE-B2F4-4F8B-A315-DF22DD86EFE9}K:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=6 | dir=in | app=k:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"TCP Query User{8B4BCB50-A85F-4F91-BE43-E478143C29A5}C:\users\hp\appdata\local\microsoft\windows\temporary internet files\content.ie5\n9iu8j71\wow-language-pack-engb-downloader[1].exe" = protocol=6 | dir=in | app=c:\users\hp\appdata\local\microsoft\windows\temporary internet files\content.ie5\n9iu8j71\wow-language-pack-engb-downloader[1].exe |
"TCP Query User{97849064-6089-438E-A889-782BD15EBC93}C:0\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe" = protocol=6 | dir=in | app=c:0\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe |
"TCP Query User{9CEA875B-46DE-464C-AD62-122CE1A5143E}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{A75B9E20-0486-41BA-8DA9-FB6D4F7BAE99}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{A816FDF2-D253-4E54-8BD2-5278BD97D749}D:\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=d:\mozilla firefox\firefox.exe |
"TCP Query User{B3D86EDA-C940-4477-BB52-3F72AB2B3DD0}C:0\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=6 | dir=in | app=c:0\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"TCP Query User{BD06A7E1-5F57-4BAE-8702-433B75279469}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"TCP Query User{C442F14A-A2A8-40D1-8F20-4BAE6CF03DE8}C:\program files\steam\steamapps\dandis237\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dandis237\counter-strike source\hl2.exe |
"TCP Query User{C797E8C5-9E43-4339-93B3-63E1744E510B}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{DFA06440-43E9-4E13-9FB7-8FD00F0FB421}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{DFA65D8C-B3EF-406C-9115-A33C3C061047}K:\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe" = protocol=6 | dir=in | app=k:\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe |
"TCP Query User{E2355AB2-0907-4ADA-BCB0-8C567003E195}C:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe |
"TCP Query User{E67DA380-9286-4D31-8175-49B771B78BA4}C:\program files\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\repair.exe |
"TCP Query User{EC24D254-9092-4776-99FE-5DDC7A3305DC}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"TCP Query User{F3246920-70B2-491A-90BC-788369455D09}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"TCP Query User{F61A7ECF-2226-429D-8C4F-430F7A478AD7}K:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=6 | dir=in | app=k:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"UDP Query User{04318E26-74FB-4668-A1A5-91F6D97C6092}D:\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=d:\electronic arts\eadm\core.exe |
"UDP Query User{0A1D3F6B-8A44-42E1-9745-448E1FD1D9A1}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{1354A288-DDA1-4785-BBED-4EECACD5C2A1}C:\program files\steam\steamapps\dandis237\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dandis237\counter-strike source\hl2.exe |
"UDP Query User{1463A660-6AC5-4CE3-8450-37EE82EDAEA3}D:\opera\opera.exe" = protocol=17 | dir=in | app=d:\opera\opera.exe |
"UDP Query User{14F512CA-33FA-4079-A6D0-8C96B7AB73B4}K:\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe" = protocol=17 | dir=in | app=k:\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe |
"UDP Query User{30626230-7E47-4998-8C55-8D322E1668F2}C:\users\hp\desktop\wow-2.4.2-engb-downloader.exe" = protocol=17 | dir=in | app=c:\users\hp\desktop\wow-2.4.2-engb-downloader.exe |
"UDP Query User{368617F6-3A2A-4A01-BB47-11CC1D9DF2CD}D:\aspyr media, inc\thaw\game\thaw.exe" = protocol=17 | dir=in | app=d:\aspyr media, inc\thaw\game\thaw.exe |
"UDP Query User{3FD8A40C-0AE6-437E-AD4C-13C5CB7384FD}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"UDP Query User{48E670F9-BB4E-4ADA-A913-E63AD4385667}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{5084BE6C-53F5-4B06-A8EC-DF5D57B1242F}C:0\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=17 | dir=in | app=c:0\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"UDP Query User{549899EE-1C80-436A-A29B-F3E9BAB477A6}C:\users\hp\appdata\local\microsoft\windows\temporary internet files\content.ie5\n9iu8j71\wow-language-pack-engb-downloader[1].exe" = protocol=17 | dir=in | app=c:\users\hp\appdata\local\microsoft\windows\temporary internet files\content.ie5\n9iu8j71\wow-language-pack-engb-downloader[1].exe |
"UDP Query User{5950104D-B878-4FBC-AF73-CECCF6424BD3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{5FD61549-09DE-4A92-B98C-08197F068CB3}C:0\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe" = protocol=17 | dir=in | app=c:0\wow-2.4.1.8125-to-2.4.2.8278-engb-downloader.exe |
"UDP Query User{627921C7-03A2-4E83-AFA8-ABA326838957}D:\world of warcraft\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe |
"UDP Query User{6BA5DB02-0378-4376-B590-7E3ECD317F54}D:\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=d:\electronic arts\eadm\core.exe |
"UDP Query User{7317FFBF-81D0-4C38-AE43-ABEC7B32E5FF}D:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{8373F594-2C17-44FA-871D-C6233E6D57B1}D:\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{9E4D8620-6F38-47C6-91E6-6237C17FCD49}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{A45A1FE0-E8FB-4E3C-827E-A22917CE26F6}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"UDP Query User{C298F2D4-52B7-4616-B9DF-FFDF43D765FB}C:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe |
"UDP Query User{CA1C3742-ADB3-4EB2-9ECA-ACC6E173344C}C:\program files\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\repair.exe |
"UDP Query User{CA564CB0-E216-4017-8E96-8563932ACB95}C:\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\icq6.5\icq.exe |
"UDP Query User{CB312EF8-2F2A-4A3B-B33A-B8F5E1EE5712}C:\users\hp\appdata\local\temp\blizzard launcher temporary - e61f1590\launcher.exe" = protocol=17 | dir=in | app=c:\users\hp\appdata\local\temp\blizzard launcher temporary - e61f1590\launcher.exe |
"UDP Query User{CB6DF14C-75AD-46B3-9006-73ADC4248E1A}D:\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=d:\mozilla firefox\firefox.exe |
"UDP Query User{D387B37A-C17D-4887-806E-85C4570F6250}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{E0AF33F9-F34A-48D7-A858-DC9AFFEDA6E5}K:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=17 | dir=in | app=k:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"UDP Query User{E2DC8FAA-CEAB-4092-88F4-43A6A09A336E}D:\záloha wowa\world of warcraft\wow-2.4.2-engb-downloader.exe" = protocol=17 | dir=in | app=d:\záloha wowa\world of warcraft\wow-2.4.2-engb-downloader.exe |
"UDP Query User{E5EC4DE8-90E6-4127-AF9C-8493D186437D}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"UDP Query User{E7783AD6-8BE8-429B-8105-912A258CE913}K:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe" = protocol=17 | dir=in | app=k:\wow-2.4.0.8089-to-2.4.1.8125-engb-downloader.exe |
"UDP Query User{ED2863C0-1E9A-454C-BD98-F30783D1BF9A}D:\world of warcraft\wow-2.4.2-engb-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-2.4.2-engb-downloader.exe |
"UDP Query User{F6CE0F91-8853-46C2-8A85-21CCE5F070D3}D:\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=d:\heroes of newerth\hon.exe |
"UDP Query User{FE4405CC-AD9B-492A-B596-731CE1E77224}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{26FDF89A-FA65-4FA2-8522-37CC84DFDCEE}" = Mercenaries 2: World in Flames(tm)
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2AD89908-0987-4B9E-8AB4-905899E4D754}_is1" = Next Video Converter 2.1.0
"{3293C06B-003F-4027-8380-FFD79E38167D}" = Tony Hawk's American Wasteland (TM)
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{48E15C9C-E25C-40AD-A46B-AB270729B9B9}" = Google SketchUp Pro 7
"{4EDB1CA5-983F-4FC3-A8E3-E34981E05A60}" = Pinnacle VideoSpin
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}" = Nokia PC Suite
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85EBB283-65AF-4C53-9EBE-7C0A232762F7}" = AGEIA PhysX v7.03.21
"{864785DF-6D78-4A38-B66F-845BC5741843}" = liteCAM Evaluation
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Client 1.10.01
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A2EC1D87-728F-40F7-85B5-97483D89073D}" = VoD Maker
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}" = NHL® 08
"{A8019072-B760-47E2-9BDD-DF94B4FBFFBB}" = ArcSoft TotalMedia Backup
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B17E235C-7A3B-4482-B650-21FFDE1D452E}" = Empire Earth III
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{c8986bf7-5c85-40d2-83a6-0c8db1028ac0}" = Nero 9 Trial
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F38759F8-02B5-4829-B27A-20E2F0E269B2}" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"µTorrent CZ_is1" = µTorrent CZ 1.8.1 (build 12639)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Acker DVD to PSP Converter v2.0_is1" = Acker DVD to PSP Converter v2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AIDA32_is1" = AIDA32 v3.80
"AoA Audio Extractor_is1" = AoA Audio Extractor 1.0
"Ask Toolbar_is1" = Ask Toolbar
"Audacity_is1" = Audacity 1.2.6
"AviSynth" = AviSynth 2.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"BSPlayer1" = BSPlayer
"Camtasia Studio 3" = Camtasia Studio 3
"Cartman's Authoritah_is1" = Cartman's Authoritah 1.3
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Balíček ovladače systému Windows - Nokia Modem (03/05/2008 3.7)
"CloneDVD2" = CloneDVD2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Balíček ovladače systému Windows - Nokia Modem (03/13/2008 6.86.0.1)
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"forumswatcher.com Toolbar" = forumswatcher.com Toolbar
"Fraps" = Fraps
"Free Screen Recorder_is1" = Free Screen Recorder v2.9
"GOM Player" = GOM Player
"Google Updater" = Google Updater
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.26057)
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV Soft PVR" = Hauppauge WinTV Soft PVR
"HijackThis" = HijackThis 2.0.2
"hon" = Heroes of Newerth
"ICQToolbar" = ICQ Toolbar
"Inkscape" = Inkscape 0.45.1
"InstallShield_{F38759F8-02B5-4829-B27A-20E2F0E269B2}" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"Kristanix Right Click Image Converter" = Right Click Image Converter
"LANGMaster Škola DNES_is1" = LANGMaster Škola DNES
"Little Fighter 2" = Little Fighter 2 1.9c
"MAGIX Movie Edit Pro 11 e-version US" = MAGIX Movie Edit Pro 11 e-version (US)
"MediaCoder" = MediaCoder 0.7.1.4490
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"MIKSOFT Mobile AMR converter_is1" = MIKSOFT Mobile AMR converter
"Mozilla Firefox (3.0.5)" = Mozilla Firefox (3.0.5)
"MyWebSearch bar Uninstall" = My Web Search (MyWebFace)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OneClickPSPVideoConverter" = OneClick PSP Video Converter 2.6
"Picasa 3" = Picasa 3
"PowerArchiver" = PowerArchiver
"PSP Video 9" = PSP Video 9 4.06
"PSPVideoExpress" = PSP Video Express(remove only)
"rajče.net_is1" = rajče beta53 sestavení 101
"Scorpions WinCheater 2.07 (s databází 95)_is1" = Scorpions WinCheater
"SearchIn1Step" = SearchInOneStep 1.0 build 177
"Shockwave" = Shockwave
"SimplyCapture1.3" = SimplyCapture
"SP Penis Mouse" = SP Penis Mouse Screen Saver
"speedapps Toolbar" = speedapps Toolbar
"Steam App 13210" = Unreal Tournament 3
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 8730" = GTR Evolution Demo Dedicated Server
"Tahák 2.6" = Tahák 2.6
"The KMPlayer" = The KMPlayer (remove only)
"USARadioNow Toolbar" = USARadioNow Toolbar
"Video Karaoke Studio II" = Video Karaoke Studio II
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 1.0.2
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"XP Codec Pack" = XP Codec Pack
"YouTube Downloader App" = YouTube Downloader App 1.02
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 27.4.2010 14:23:53 | Computer Name = hp-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul mpeg2dmx.ax, verze 2.0.84.30429, časové razítko 0x3eae72af,
kód výjimky 0xc0000005, posun chyby 0x0000dff3, ID procesu 0x14ac, čas spuštění
aplikace 0x01cae636c8ce742b.
Error - 27.4.2010 14:26:19 | Computer Name = hp-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul mpeg2dmx.ax, verze 2.0.84.30429, časové razítko 0x3eae72af,
kód výjimky 0xc0000005, posun chyby 0x0000dff3, ID procesu 0x3b4, čas spuštění aplikace
0x01cae63721a9f38b.
Error - 27.4.2010 16:11:09 | Computer Name = hp-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul mpeg2dmx.ax, verze 2.0.84.30429, časové razítko 0x3eae72af,
kód výjimky 0xc0000005, posun chyby 0x0000dff3, ID procesu 0x166c, čas spuštění
aplikace 0x01cae645c699e31b.
Error - 28.4.2010 17:32:49 | Computer Name = hp-PC | Source = EventSystem | ID = 4609
Description =
Error - 29.4.2010 11:21:49 | Computer Name = hp-PC | Source = Application Hang | ID = 1002
Description = Program ICQ.exe verze 7.1.0.2096 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 9e0 Čas zahájení: 01cae7af7efd670a Čas ukončení: 102
Error - 2.5.2010 9:19:39 | Computer Name = hp-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 11.0.6002.18111, časové razítko
0x4aa91411, chybující modul ntdll.dll, verze 6.0.6002.18005, časové razítko 0x49e03821,
kód výjimky 0xc0000374, posun chyby 0x000afaf8, ID procesu 0xc8c, čas spuštění aplikace
0x01cae9fa1d3fcbda.
Error - 4.5.2010 11:43:23 | Computer Name = hp-PC | Source = EventSystem | ID = 4609
Description =
Error - 5.5.2010 9:15:58 | Computer Name = hp-PC | Source = EventSystem | ID = 4609
Description =
Error - 5.5.2010 9:26:13 | Computer Name = hp-PC | Source = EventSystem | ID = 4609
Description =
Error - 5.5.2010 9:26:59 | Computer Name = hp-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace GOM.exe, verze 2.1.21.4846, časové razítko 0x4aefd89d,
chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód výjimky
0xc0000005, posun chyby 0x00000000, ID procesu 0x178, čas spuštění aplikace 0x01caec5696f31e20.
[ System Events ]
Error - 5.5.2010 9:27:06 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 5.5.2010 9:27:06 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 5.5.2010 9:32:15 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 5.5.2010 9:32:15 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 5.5.2010 9:32:15 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 5.5.2010 9:32:16 | Computer Name = hp-PC | Source = DCOM | ID = 10010
Description =
Error - 5.5.2010 9:33:02 | Computer Name = hp-PC | Source = DCOM | ID = 10010
Description =
Error - 5.5.2010 9:33:48 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 5.5.2010 9:33:48 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 5.5.2010 9:34:37 | Computer Name = hp-PC | Source = DCOM | ID = 10010
Description =
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13493
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Security Tool
Pardon, zapomněl jsem to spusťit s ním.
EDIT: nejde mi to sem vložit, má to moc znaků.
EDIT: nejde mi to sem vložit, má to moc znaků.
-
Caroprd111
- VIP
- Příspěvky: 13493
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Security Tool
OTL logfile created on: 5.5.2010 17:38:56 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\hp\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 211,98 Gb Free Space | 45,51% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 275,74 Gb Free Space | 59,20% Space Free | Partition Type: NTFS
Drive E: | 0,00 Mb Total Space | 0,00 Mb Free Space | NAN% Space Free | Partition Type: CDFS
Drive F: | 7,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 3,73 Gb Total Space | 0,46 Gb Free Space | 12,28% Space Free | Partition Type: FAT32
Computer Name: HP-PC
Current User Name: hp
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.05.05 16:21:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
PRC - [2010.05.01 12:36:01 | 000,390,952 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2010.04.27 11:03:02 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010.03.28 14:39:17 | 000,133,368 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.0\ICQ.exe
PRC - [2010.03.19 11:39:13 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\hp\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010.03.18 02:43:38 | 000,835,952 | ---- | M] (Opera Software) -- D:\Opera\opera.exe
PRC - [2010.02.21 06:03:12 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010.02.01 21:50:57 | 000,298,608 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009.12.09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009.10.01 18:29:15 | 000,032,838 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
PRC - [2009.10.01 18:29:15 | 000,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
PRC - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.01.04 17:18:26 | 000,053,248 | ---- | M] (Simple) -- C:\Users\hp\AppData\Local\TempImages\iOmem101.exe
PRC - [2008.12.03 13:47:34 | 001,205,760 | ---- | M] (Nokia) -- D:\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2008.11.26 13:02:38 | 000,024,576 | ---- | M] () -- C:\Users\hp\AppData\Local\TempImages\IEPR.exe
PRC - [2008.11.11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.10.25 13:04:27 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008.09.19 09:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.06.10 19:26:28 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.06.03 09:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files\WinTV\EPG Services\System\EPGService.exe
PRC - [2008.05.15 15:30:36 | 000,688,128 | ---- | M] (Hauppauge Inc.) -- C:\Program Files\WinTV\EPG Services\System\EPGClient.exe
PRC - [2007.05.10 13:39:30 | 000,315,392 | ---- | M] (ArcSoft, Inc.) -- D:\ArcSoft\TotalMedia Backup\uBBMonitor.exe
========== Modules (SafeList) ==========
MOD - [2010.05.05 16:21:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
MOD - [2010.03.05 16:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
MOD - [2009.04.11 08:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll
MOD - [2009.04.11 08:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2009.04.11 08:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
MOD - [2009.04.11 08:28:22 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
MOD - [2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.19 09:36:49 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll
MOD - [2008.01.19 09:36:48 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
MOD - [2008.01.19 09:36:37 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2008.01.19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.05.01 12:36:01 | 000,390,952 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.12.09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.09.02 20:55:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009.02.07 14:28:22 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2008.11.11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.06.10 19:26:28 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files\WinTV\EPG Services\System\EPGService.exe -- (EPGService)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2009.12.02 16:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009.12.02 16:23:40 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009.04.11 06:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvuků USB (WDM)
DRV - [2009.03.02 13:41:49 | 000,029,184 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VClone.sys -- (VClone)
DRV - [2009.02.17 19:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009.02.07 14:28:22 | 002,911,848 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2008.12.03 00:11:00 | 007,643,904 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.09.15 08:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.09.15 08:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.09.15 08:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.09.15 08:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.26 09:17:30 | 000,493,568 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2007.10.01 10:21:08 | 001,129,344 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2007.09.25 16:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [1999.09.10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\hp\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 211,98 Gb Free Space | 45,51% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 275,74 Gb Free Space | 59,20% Space Free | Partition Type: NTFS
Drive E: | 0,00 Mb Total Space | 0,00 Mb Free Space | NAN% Space Free | Partition Type: CDFS
Drive F: | 7,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 3,73 Gb Total Space | 0,46 Gb Free Space | 12,28% Space Free | Partition Type: FAT32
Computer Name: HP-PC
Current User Name: hp
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.05.05 16:21:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
PRC - [2010.05.01 12:36:01 | 000,390,952 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2010.04.27 11:03:02 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010.03.28 14:39:17 | 000,133,368 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.0\ICQ.exe
PRC - [2010.03.19 11:39:13 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\hp\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010.03.18 02:43:38 | 000,835,952 | ---- | M] (Opera Software) -- D:\Opera\opera.exe
PRC - [2010.02.21 06:03:12 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010.02.01 21:50:57 | 000,298,608 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009.12.09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009.10.01 18:29:15 | 000,032,838 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
PRC - [2009.10.01 18:29:15 | 000,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
PRC - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.01.04 17:18:26 | 000,053,248 | ---- | M] (Simple) -- C:\Users\hp\AppData\Local\TempImages\iOmem101.exe
PRC - [2008.12.03 13:47:34 | 001,205,760 | ---- | M] (Nokia) -- D:\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2008.11.26 13:02:38 | 000,024,576 | ---- | M] () -- C:\Users\hp\AppData\Local\TempImages\IEPR.exe
PRC - [2008.11.11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.10.25 13:04:27 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008.09.19 09:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.06.10 19:26:28 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.06.03 09:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files\WinTV\EPG Services\System\EPGService.exe
PRC - [2008.05.15 15:30:36 | 000,688,128 | ---- | M] (Hauppauge Inc.) -- C:\Program Files\WinTV\EPG Services\System\EPGClient.exe
PRC - [2007.05.10 13:39:30 | 000,315,392 | ---- | M] (ArcSoft, Inc.) -- D:\ArcSoft\TotalMedia Backup\uBBMonitor.exe
========== Modules (SafeList) ==========
MOD - [2010.05.05 16:21:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
MOD - [2010.03.05 16:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
MOD - [2009.04.11 08:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll
MOD - [2009.04.11 08:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2009.04.11 08:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
MOD - [2009.04.11 08:28:22 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
MOD - [2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.19 09:36:49 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll
MOD - [2008.01.19 09:36:48 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
MOD - [2008.01.19 09:36:37 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2008.01.19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.05.01 12:36:01 | 000,390,952 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.12.09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.09.02 20:55:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009.02.07 14:28:22 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2008.11.11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.06.10 19:26:28 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files\WinTV\EPG Services\System\EPGService.exe -- (EPGService)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2009.12.02 16:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009.12.02 16:23:40 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009.04.11 06:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvuků USB (WDM)
DRV - [2009.03.02 13:41:49 | 000,029,184 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VClone.sys -- (VClone)
DRV - [2009.02.17 19:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009.02.07 14:28:22 | 002,911,848 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2008.12.03 00:11:00 | 007,643,904 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.09.15 08:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.09.15 08:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.09.15 08:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.09.15 08:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.26 09:17:30 | 000,493,568 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2007.10.01 10:21:08 | 001,129,344 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2007.09.25 16:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [1999.09.10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
Re: Security Tool
IE - HKLM\..\URLSearchHook: {50d0cd27-d4ef-4a21-917e-a1573771def4} - C:\Program Files\forumswatcher.com\tbforu.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {669163c1-c4b9-46de-ad62-a0271d3a0a75} - C:\Program Files\USARadioNow\tbUSAR.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - C:\Program Files\speedapps\tbspee.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {50d0cd27-d4ef-4a21-917e-a1573771def4} - C:\Program Files\forumswatcher.com\tbforu.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {669163c1-c4b9-46de-ad62-a0271d3a0a75} - C:\Program Files\USARadioNow\tbUSAR.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - C:\Program Files\speedapps\tbspee.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/sli ... ie7&query="
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.685
FF - prefs.js..extensions.enabledItems: {8771569D-6C8B-45B5-8D74-5A80DDDF668D}:1.0
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/sli ... pab&query="
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: D:\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.03.11 16:39:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: D:\Mozilla Firefox\components [2009.11.02 20:37:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: D:\Mozilla Firefox\plugins [2010.01.17 14:55:18 | 000,000,000 | ---D | M]
[2009.01.14 22:46:05 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\mozilla\Extensions
[2010.04.04 13:30:56 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\sjcp62gr.default\extensions
[2009.08.24 17:09:52 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\sjcp62gr.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009.08.19 16:21:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\sjcp62gr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.08.13 01:59:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\sjcp62gr.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.04.04 13:30:56 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\sjcp62gr.default\extensions\plugin@yontoo.com
[2009.04.08 16:37:25 | 000,000,358 | ---- | M] () -- C:\Users\hp\AppData\Roaming\Mozilla\FireFox\Profiles\sjcp62gr.default\searchplugins\winamp-search.xml
Hosts file not found
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (forumswatcher.com Toolbar) - {50d0cd27-d4ef-4a21-917e-a1573771def4} - C:\Program Files\forumswatcher.com\tbforu.dll (Conduit Ltd.)
O2 - BHO: (USARadioNow Toolbar) - {669163c1-c4b9-46de-ad62-a0271d3a0a75} - C:\Program Files\USARadioNow\tbUSAR.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (speedapps Toolbar) - {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - C:\Program Files\speedapps\tbspee.dll (Conduit Ltd.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (forumswatcher.com Toolbar) - {50d0cd27-d4ef-4a21-917e-a1573771def4} - C:\Program Files\forumswatcher.com\tbforu.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (USARadioNow Toolbar) - {669163c1-c4b9-46de-ad62-a0271d3a0a75} - C:\Program Files\USARadioNow\tbUSAR.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (speedapps Toolbar) - {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - C:\Program Files\speedapps\tbspee.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (forumswatcher.com Toolbar) - {50D0CD27-D4EF-4A21-917E-A1573771DEF4} - C:\Program Files\forumswatcher.com\tbforu.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (USARadioNow Toolbar) - {669163C1-C4B9-46DE-AD62-A0271D3A0A75} - C:\Program Files\USARadioNow\tbUSAR.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (speedapps Toolbar) - {D9C9A8C9-460D-4343-888E-AE02BCC3CE57} - C:\Program Files\speedapps\tbspee.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [EPGServiceTool] C:\Program Files\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Plugin] C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (MyWebSearch.com)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [ICQ] C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [IEPR] C:\Users\hp\AppData\Local\TempImages\IEPR.exe ()
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [iOmem] C:\Users\hp\AppData\Local\TempImages\iOmem101.exe (Simple)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [PC Suite Tray] D:\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [RGSC] D:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocach ... .0.1.3.cab (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://www.yougamers.com/systeminfo/FMSI.cab (Futuremark SystemInfo)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\hp\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\hp\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {9DCB0AE8-633C-B1D2-29E1-3A811135D25A} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.29 08:12:19 | 000,000,048 | -H-- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{ec6f71de-c45d-11dd-9cc1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ec6f71de-c45d-11dd-9cc1-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Installer.exe -- [2008.08.29 08:12:17 | 001,407,832 | ---- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.05.05 16:20:48 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
[2010.05.04 17:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.04 17:44:52 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.04 15:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\38963029
[2010.04.22 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\hp\Documents\Heroes of Newerth
[2010.04.14 18:12:44 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.14 18:12:43 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.14 18:12:38 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.14 18:12:30 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.04.14 18:12:29 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.08 15:13:33 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\SsC
[2010.04.07 15:03:33 | 000,000,000 | ---D | C] -- C:\Users\hp\Documents\GomPlayer
[2010.04.07 14:52:28 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\GRETECH
[2004.11.24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\Windows\System32\drvc.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.05.05 17:38:47 | 006,029,312 | -HS- | M] () -- C:\Users\hp\NTUSER.DAT
[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 16:56:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.05 16:44:12 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-327595103-1516075565-1027953969-1000UA.job
[2010.05.05 16:39:21 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.05.05 16:21:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
[2010.05.05 15:54:51 | 000,000,574 | ---- | M] () -- C:\Users\hp\Desktop\wowrm.ini
[2010.05.05 15:37:25 | 001,393,930 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.05 15:37:25 | 000,598,600 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.05.05 15:37:25 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.05 15:37:25 | 000,114,808 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.05.05 15:37:25 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.05 15:31:14 | 000,000,658 | ---- | M] () -- C:\Users\hp\Desktop\Security Tool.lnk
[2010.05.05 15:30:58 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.05 15:30:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.05 15:30:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.05 15:30:45 | 3219,644,416 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.05 15:29:26 | 000,524,288 | -HS- | M] () -- C:\Users\hp\NTUSER.DAT{b840ead8-b671-11dd-a364-001e8c5c098b}.TMContainer00000000000000000001.regtrans-ms
[2010.05.05 15:29:26 | 000,065,536 | -HS- | M] () -- C:\Users\hp\NTUSER.DAT{b840ead8-b671-11dd-a364-001e8c5c098b}.TM.blf
[2010.05.05 15:26:47 | 000,001,356 | ---- | M] () -- C:\Users\hp\AppData\Local\d3d9caps.dat
[2010.05.05 15:22:33 | 000,028,365 | ---- | M] () -- C:\Users\hp\Desktop\titulky_how.i.met.your.mother.s05e21.hdtv.xvid-lol.cz.srt
[2010.05.05 14:36:15 | 000,198,144 | ---- | M] () -- C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.04 23:37:42 | 000,002,769 | ---- | M] () -- C:\Users\hp\Desktop\dsaf.jpeg
[2010.05.04 23:37:37 | 000,002,355 | ---- | M] () -- C:\Users\hp\Desktop\dasd.jpeg
[2010.05.04 23:37:26 | 000,004,359 | ---- | M] () -- C:\Users\hp\Desktop\ads.jpeg
[2010.05.04 23:37:17 | 000,004,006 | ---- | M] () -- C:\Users\hp\Desktop\sd.jpeg
[2010.05.04 23:37:13 | 000,005,045 | ---- | M] () -- C:\Users\hp\Desktop\sss.jpeg
[2010.05.04 23:37:02 | 000,003,193 | ---- | M] () -- C:\Users\hp\Desktop\images.jpeg
[2010.05.04 22:58:37 | 009,619,584 | ---- | M] () -- C:\Users\hp\Desktop\Relaxační hudba.mp3
[2010.05.04 18:39:36 | 586,048,475 | ---- | M] () -- C:\Users\hp\Desktop\how.i.met.your.mother.s05e21.720p.hdtv.x264-dimension.mkv
[2010.05.04 17:39:54 | 000,781,909 | ---- | M] () -- C:\Users\hp\Desktop\RSIT.exe
[2010.04.30 10:44:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-327595103-1516075565-1027953969-1000Core.job
[2010.04.30 10:43:25 | 001,613,648 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.13 16:01:43 | 000,000,648 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010.04.07 14:51:06 | 000,000,593 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {669163c1-c4b9-46de-ad62-a0271d3a0a75} - C:\Program Files\USARadioNow\tbUSAR.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - C:\Program Files\speedapps\tbspee.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {50d0cd27-d4ef-4a21-917e-a1573771def4} - C:\Program Files\forumswatcher.com\tbforu.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {669163c1-c4b9-46de-ad62-a0271d3a0a75} - C:\Program Files\USARadioNow\tbUSAR.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - C:\Program Files\speedapps\tbspee.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/sli ... ie7&query="
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.685
FF - prefs.js..extensions.enabledItems: {8771569D-6C8B-45B5-8D74-5A80DDDF668D}:1.0
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/sli ... pab&query="
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: D:\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.03.11 16:39:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: D:\Mozilla Firefox\components [2009.11.02 20:37:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: D:\Mozilla Firefox\plugins [2010.01.17 14:55:18 | 000,000,000 | ---D | M]
[2009.01.14 22:46:05 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\mozilla\Extensions
[2010.04.04 13:30:56 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\sjcp62gr.default\extensions
[2009.08.24 17:09:52 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\sjcp62gr.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009.08.19 16:21:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\sjcp62gr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.08.13 01:59:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\sjcp62gr.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.04.04 13:30:56 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\sjcp62gr.default\extensions\plugin@yontoo.com
[2009.04.08 16:37:25 | 000,000,358 | ---- | M] () -- C:\Users\hp\AppData\Roaming\Mozilla\FireFox\Profiles\sjcp62gr.default\searchplugins\winamp-search.xml
Hosts file not found
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (forumswatcher.com Toolbar) - {50d0cd27-d4ef-4a21-917e-a1573771def4} - C:\Program Files\forumswatcher.com\tbforu.dll (Conduit Ltd.)
O2 - BHO: (USARadioNow Toolbar) - {669163c1-c4b9-46de-ad62-a0271d3a0a75} - C:\Program Files\USARadioNow\tbUSAR.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (speedapps Toolbar) - {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - C:\Program Files\speedapps\tbspee.dll (Conduit Ltd.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (forumswatcher.com Toolbar) - {50d0cd27-d4ef-4a21-917e-a1573771def4} - C:\Program Files\forumswatcher.com\tbforu.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (USARadioNow Toolbar) - {669163c1-c4b9-46de-ad62-a0271d3a0a75} - C:\Program Files\USARadioNow\tbUSAR.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (speedapps Toolbar) - {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - C:\Program Files\speedapps\tbspee.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (forumswatcher.com Toolbar) - {50D0CD27-D4EF-4A21-917E-A1573771DEF4} - C:\Program Files\forumswatcher.com\tbforu.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (USARadioNow Toolbar) - {669163C1-C4B9-46DE-AD62-A0271D3A0A75} - C:\Program Files\USARadioNow\tbUSAR.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (speedapps Toolbar) - {D9C9A8C9-460D-4343-888E-AE02BCC3CE57} - C:\Program Files\speedapps\tbspee.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [EPGServiceTool] C:\Program Files\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Plugin] C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (MyWebSearch.com)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [ICQ] C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [IEPR] C:\Users\hp\AppData\Local\TempImages\IEPR.exe ()
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [iOmem] C:\Users\hp\AppData\Local\TempImages\iOmem101.exe (Simple)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [PC Suite Tray] D:\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [RGSC] D:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocach ... .0.1.3.cab (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://www.yougamers.com/systeminfo/FMSI.cab (Futuremark SystemInfo)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\hp\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\hp\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {9DCB0AE8-633C-B1D2-29E1-3A811135D25A} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.29 08:12:19 | 000,000,048 | -H-- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{ec6f71de-c45d-11dd-9cc1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ec6f71de-c45d-11dd-9cc1-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Installer.exe -- [2008.08.29 08:12:17 | 001,407,832 | ---- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.05.05 16:20:48 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
[2010.05.04 17:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.04 17:44:52 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.04 15:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\38963029
[2010.04.22 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\hp\Documents\Heroes of Newerth
[2010.04.14 18:12:44 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.14 18:12:43 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.14 18:12:38 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.14 18:12:30 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.04.14 18:12:29 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.08 15:13:33 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\SsC
[2010.04.07 15:03:33 | 000,000,000 | ---D | C] -- C:\Users\hp\Documents\GomPlayer
[2010.04.07 14:52:28 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\GRETECH
[2004.11.24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\Windows\System32\drvc.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.05.05 17:38:47 | 006,029,312 | -HS- | M] () -- C:\Users\hp\NTUSER.DAT
[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 16:56:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.05 16:44:12 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-327595103-1516075565-1027953969-1000UA.job
[2010.05.05 16:39:21 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.05.05 16:21:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\OTL.exe
[2010.05.05 15:54:51 | 000,000,574 | ---- | M] () -- C:\Users\hp\Desktop\wowrm.ini
[2010.05.05 15:37:25 | 001,393,930 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.05 15:37:25 | 000,598,600 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.05.05 15:37:25 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.05 15:37:25 | 000,114,808 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.05.05 15:37:25 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.05 15:31:14 | 000,000,658 | ---- | M] () -- C:\Users\hp\Desktop\Security Tool.lnk
[2010.05.05 15:30:58 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.05 15:30:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.05 15:30:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.05 15:30:45 | 3219,644,416 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.05 15:29:26 | 000,524,288 | -HS- | M] () -- C:\Users\hp\NTUSER.DAT{b840ead8-b671-11dd-a364-001e8c5c098b}.TMContainer00000000000000000001.regtrans-ms
[2010.05.05 15:29:26 | 000,065,536 | -HS- | M] () -- C:\Users\hp\NTUSER.DAT{b840ead8-b671-11dd-a364-001e8c5c098b}.TM.blf
[2010.05.05 15:26:47 | 000,001,356 | ---- | M] () -- C:\Users\hp\AppData\Local\d3d9caps.dat
[2010.05.05 15:22:33 | 000,028,365 | ---- | M] () -- C:\Users\hp\Desktop\titulky_how.i.met.your.mother.s05e21.hdtv.xvid-lol.cz.srt
[2010.05.05 14:36:15 | 000,198,144 | ---- | M] () -- C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.04 23:37:42 | 000,002,769 | ---- | M] () -- C:\Users\hp\Desktop\dsaf.jpeg
[2010.05.04 23:37:37 | 000,002,355 | ---- | M] () -- C:\Users\hp\Desktop\dasd.jpeg
[2010.05.04 23:37:26 | 000,004,359 | ---- | M] () -- C:\Users\hp\Desktop\ads.jpeg
[2010.05.04 23:37:17 | 000,004,006 | ---- | M] () -- C:\Users\hp\Desktop\sd.jpeg
[2010.05.04 23:37:13 | 000,005,045 | ---- | M] () -- C:\Users\hp\Desktop\sss.jpeg
[2010.05.04 23:37:02 | 000,003,193 | ---- | M] () -- C:\Users\hp\Desktop\images.jpeg
[2010.05.04 22:58:37 | 009,619,584 | ---- | M] () -- C:\Users\hp\Desktop\Relaxační hudba.mp3
[2010.05.04 18:39:36 | 586,048,475 | ---- | M] () -- C:\Users\hp\Desktop\how.i.met.your.mother.s05e21.720p.hdtv.x264-dimension.mkv
[2010.05.04 17:39:54 | 000,781,909 | ---- | M] () -- C:\Users\hp\Desktop\RSIT.exe
[2010.04.30 10:44:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-327595103-1516075565-1027953969-1000Core.job
[2010.04.30 10:43:25 | 001,613,648 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.13 16:01:43 | 000,000,648 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010.04.07 14:51:06 | 000,000,593 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
Re: Security Tool
[2010.05.05 15:30:45 | 3219,644,416 | -HS- | C] () -- C:\hiberfil.sys
[2010.05.05 15:22:22 | 000,028,365 | ---- | C] () -- C:\Users\hp\Desktop\titulky_how.i.met.your.mother.s05e21.hdtv.xvid-lol.cz.srt
[2010.05.05 14:34:33 | 000,000,658 | ---- | C] () -- C:\Users\hp\Desktop\Security Tool.lnk
[2010.05.04 23:37:42 | 000,002,769 | ---- | C] () -- C:\Users\hp\Desktop\dsaf.jpeg
[2010.05.04 23:37:37 | 000,002,355 | ---- | C] () -- C:\Users\hp\Desktop\dasd.jpeg
[2010.05.04 23:37:26 | 000,004,359 | ---- | C] () -- C:\Users\hp\Desktop\ads.jpeg
[2010.05.04 23:37:17 | 000,004,006 | ---- | C] () -- C:\Users\hp\Desktop\sd.jpeg
[2010.05.04 23:37:13 | 000,005,045 | ---- | C] () -- C:\Users\hp\Desktop\sss.jpeg
[2010.05.04 23:37:02 | 000,003,193 | ---- | C] () -- C:\Users\hp\Desktop\images.jpeg
[2010.05.04 22:57:56 | 009,619,584 | ---- | C] () -- C:\Users\hp\Desktop\Relaxační hudba.mp3
[2010.05.04 18:28:13 | 586,048,475 | ---- | C] () -- C:\Users\hp\Desktop\how.i.met.your.mother.s05e21.720p.hdtv.x264-dimension.mkv
[2010.05.04 17:39:51 | 000,781,909 | ---- | C] () -- C:\Users\hp\Desktop\RSIT.exe
[2010.04.07 14:51:06 | 000,000,593 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2009.12.19 23:33:32 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.08.02 16:51:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.06 19:35:43 | 000,000,675 | ---- | C] () -- C:\Windows\System32\WEHLanguage.ini
[2009.06.06 19:35:43 | 000,000,580 | ---- | C] () -- C:\Windows\System32\WEH5ColorConfig.ini
[2009.02.03 01:28:57 | 000,005,729 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.01.13 21:44:40 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2008.09.24 16:16:08 | 000,000,030 | ---- | C] () -- C:\Windows\System32\UNWISE.INI
[2008.09.24 16:15:45 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll
[2008.09.24 16:15:12 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll
[2008.09.24 16:15:12 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.09.24 16:15:04 | 000,003,797 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2008.09.24 16:12:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll
[2007.03.29 23:00:40 | 000,203,264 | ---- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007.03.26 10:45:18 | 000,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2007.02.20 14:59:08 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.02.20 14:59:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.01.26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007.01.26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\UNRAR.DLL
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2005.10.14 12:56:48 | 000,077,824 | ---- | C] () -- C:\Windows\System32\MMSwitch.dll
[2004.10.12 07:40:58 | 002,255,360 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2004.10.12 07:39:48 | 000,028,160 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2004.10.12 07:39:08 | 000,110,592 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2004.10.09 07:40:16 | 000,454,144 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2004.10.05 09:16:08 | 000,395,776 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2004.10.03 18:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ff_mpeg2enc.dll
[2000.03.29 22:00:00 | 000,125,440 | ---- | C] () -- C:\Windows\System32\UNZDLL.DLL
[1999.08.11 15:28:02 | 000,101,888 | ---- | C] () -- C:\Windows\System32\LIBBZ2.DLL
[1999.05.21 21:10:00 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ZIPDLL.DLL
[1998.06.13 22:53:26 | 000,044,544 | ---- | C] () -- C:\Windows\System32\GIF89.DLL
[1998.01.28 00:06:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\UNACE.DLL
========== LOP Check ==========
[2010.05.05 15:08:28 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 09:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2008.10.25 13:04:27 | 000,039,408 | ---- | M] (Google Inc.)
"Steam" = "c:\program files\steam\steam.exe" -silent -- [2010.04.27 11:03:02 | 001,238,352 | ---- | M] (Valve Corporation)
"Google Update" = "C:\Users\hp\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2008.11.25 23:32:15 | 000,133,104 | ---- | M] (Google Inc.)
"RGSC" = D:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent -- [2008.12.13 13:04:58 | 000,306,088 | ---- | M] (Take-Two Interactive Software, Inc.)
"EA Core" = "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent -- File not found
"PC Suite Tray" = "D:\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2008.12.03 13:47:34 | 001,205,760 | ---- | M] (Nokia)
"IEPR" = C:\Users\hp\AppData\Local\TempImages\IEPR.exe -- [2008.11.26 13:02:38 | 000,024,576 | ---- | M] ()
"iOmem" = C:\Users\hp\AppData\Local\TempImages\iOmem101.exe -- [2009.01.04 17:18:26 | 000,053,248 | ---- | M] (Simple)
"MyWebSearch Email Plugin" = C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe -- [2009.10.01 18:29:15 | 000,032,838 | ---- | M] (MyWebSearch.com)
"Skype" = "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2009.10.09 14:11:12 | 025,623,336 | R--- | M] (Skype Technologies S.A.)
"msnmsgr" = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background -- [2009.07.26 17:45:00 | 003,883,840 | ---- | M] (Microsoft Corporation)
"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2009.08.20 14:25:58 | 002,363,392 | ---- | M] (Hewlett-Packard Company)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4 -- [2010.03.28 14:39:17 | 000,133,368 | ---- | M] (ICQ, LLC.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.01.13 00:17:59 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\3DFA
[2010.03.27 10:21:53 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Adobe
[2009.05.02 00:49:29 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\ArcSoft
[2009.02.03 01:24:06 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\AVS4YOU
[2009.01.14 22:04:48 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Bioshock
[2009.08.18 18:26:04 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Broad Intelligence
[2008.11.19 22:29:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Capcom
[2009.10.29 01:46:01 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\COWON
[2009.10.15 22:14:03 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Desktopicon
[2009.02.02 21:48:50 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Google
[2010.04.07 14:52:28 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\GRETECH
[2009.05.27 20:59:21 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\gtk-2.0
[2010.05.05 15:32:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\ICQ
[2008.09.24 16:07:30 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Identities
[2009.01.12 16:33:39 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Inkscape
[2008.10.20 22:18:00 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\InstallShield
[2008.10.25 13:04:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Media Center Programs
[2009.03.01 20:30:57 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Media Player Classic
[2009.11.29 23:16:44 | 000,000,000 | --SD | M] -- C:\Users\hp\AppData\Roaming\Microsoft
[2009.01.14 22:46:05 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Mozilla
[2009.09.23 22:54:46 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\NCH Software
[2009.12.21 18:45:57 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Nero
[2009.04.29 17:12:34 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Nokia
[2009.08.18 18:26:06 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\OpenCandy
[2009.01.14 22:57:49 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Opera
[2008.12.25 01:30:14 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\PC Suite
[2009.08.05 21:21:43 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Red Kawa
[2009.08.05 21:22:13 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Regensoft
[2009.03.12 00:59:58 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Scirra
[2008.10.20 22:30:53 | 000,000,000 | RH-D | M] -- C:\Users\hp\AppData\Roaming\SecuROM
[2008.10.20 22:31:11 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Sierra Entertainment
[2010.04.05 03:51:43 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Skype
[2010.04.05 02:43:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\skypePM
[2009.06.29 11:14:21 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\SoundSpectrum
[2009.06.12 18:16:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Ubisoft
[2009.12.11 22:01:14 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\uTorrent
[2008.11.11 00:21:47 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Ventrilo
[2009.09.25 22:46:16 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\vlc
[2009.06.10 12:21:37 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Winamp
[2009.02.18 14:36:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2009.11.18 19:11:23 | 001,924,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\hp\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2009.09.11 21:16:41 | 000,057,344 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\ARPPRODUCTICON.exe
[2009.09.11 21:16:41 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut2_3293C06B003F40278380FFD79E38167D_1.exe
[2009.09.11 21:16:41 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut3_3293C06B003F40278380FFD79E38167D.exe
[2009.09.11 21:16:41 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut5_3293C06B003F40278380FFD79E38167D.exe
[2009.09.11 21:16:41 | 000,008,854 | R--- | M] () -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\Uninstall_THAW_3293C06B003F40278380FFD79E38167D.exe
[2008.02.13 08:07:36 | 000,393,216 | ---- | M] () -- C:\Users\hp\AppData\Roaming\NCH Software\Components\aacenc3\aacenc3.exe
[2009.08.18 18:26:11 | 002,228,534 | ---- | M] ( ) -- C:\Users\hp\AppData\Roaming\OpenCandy\audacity-win-1.2.6.exe
< MD5 for: AGP440.SYS >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: CDROM.SYS >
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.10.20 18:40:04 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.10.20 18:40:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SMSS.EXE >
[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\System32\drivers\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.10.20 18:28:58 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.10.20 18:28:58 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2010.03.05 16:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\vbscript.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2010.03.05 16:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\vbscript.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 15:37:25 | 000,114,808 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.05.05 15:37:25 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.05 15:37:25 | 000,598,600 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.05.05 15:37:25 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.05 15:37:25 | 001,393,930 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 72 bytes -> C:\Windows:27D238CF4657A662
@Alternate Data Stream - 500 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8CE646EE
< End of report >
[2010.05.05 15:22:22 | 000,028,365 | ---- | C] () -- C:\Users\hp\Desktop\titulky_how.i.met.your.mother.s05e21.hdtv.xvid-lol.cz.srt
[2010.05.05 14:34:33 | 000,000,658 | ---- | C] () -- C:\Users\hp\Desktop\Security Tool.lnk
[2010.05.04 23:37:42 | 000,002,769 | ---- | C] () -- C:\Users\hp\Desktop\dsaf.jpeg
[2010.05.04 23:37:37 | 000,002,355 | ---- | C] () -- C:\Users\hp\Desktop\dasd.jpeg
[2010.05.04 23:37:26 | 000,004,359 | ---- | C] () -- C:\Users\hp\Desktop\ads.jpeg
[2010.05.04 23:37:17 | 000,004,006 | ---- | C] () -- C:\Users\hp\Desktop\sd.jpeg
[2010.05.04 23:37:13 | 000,005,045 | ---- | C] () -- C:\Users\hp\Desktop\sss.jpeg
[2010.05.04 23:37:02 | 000,003,193 | ---- | C] () -- C:\Users\hp\Desktop\images.jpeg
[2010.05.04 22:57:56 | 009,619,584 | ---- | C] () -- C:\Users\hp\Desktop\Relaxační hudba.mp3
[2010.05.04 18:28:13 | 586,048,475 | ---- | C] () -- C:\Users\hp\Desktop\how.i.met.your.mother.s05e21.720p.hdtv.x264-dimension.mkv
[2010.05.04 17:39:51 | 000,781,909 | ---- | C] () -- C:\Users\hp\Desktop\RSIT.exe
[2010.04.07 14:51:06 | 000,000,593 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2009.12.19 23:33:32 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.08.02 16:51:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.06 19:35:43 | 000,000,675 | ---- | C] () -- C:\Windows\System32\WEHLanguage.ini
[2009.06.06 19:35:43 | 000,000,580 | ---- | C] () -- C:\Windows\System32\WEH5ColorConfig.ini
[2009.02.03 01:28:57 | 000,005,729 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.01.13 21:44:40 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2008.09.24 16:16:08 | 000,000,030 | ---- | C] () -- C:\Windows\System32\UNWISE.INI
[2008.09.24 16:15:45 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll
[2008.09.24 16:15:12 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll
[2008.09.24 16:15:12 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.09.24 16:15:04 | 000,003,797 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2008.09.24 16:12:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll
[2007.03.29 23:00:40 | 000,203,264 | ---- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007.03.26 10:45:18 | 000,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2007.02.20 14:59:08 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.02.20 14:59:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.01.26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007.01.26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\UNRAR.DLL
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2005.10.14 12:56:48 | 000,077,824 | ---- | C] () -- C:\Windows\System32\MMSwitch.dll
[2004.10.12 07:40:58 | 002,255,360 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2004.10.12 07:39:48 | 000,028,160 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2004.10.12 07:39:08 | 000,110,592 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2004.10.09 07:40:16 | 000,454,144 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2004.10.05 09:16:08 | 000,395,776 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2004.10.03 18:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ff_mpeg2enc.dll
[2000.03.29 22:00:00 | 000,125,440 | ---- | C] () -- C:\Windows\System32\UNZDLL.DLL
[1999.08.11 15:28:02 | 000,101,888 | ---- | C] () -- C:\Windows\System32\LIBBZ2.DLL
[1999.05.21 21:10:00 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ZIPDLL.DLL
[1998.06.13 22:53:26 | 000,044,544 | ---- | C] () -- C:\Windows\System32\GIF89.DLL
[1998.01.28 00:06:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\UNACE.DLL
========== LOP Check ==========
[2010.05.05 15:08:28 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 09:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2008.10.25 13:04:27 | 000,039,408 | ---- | M] (Google Inc.)
"Steam" = "c:\program files\steam\steam.exe" -silent -- [2010.04.27 11:03:02 | 001,238,352 | ---- | M] (Valve Corporation)
"Google Update" = "C:\Users\hp\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2008.11.25 23:32:15 | 000,133,104 | ---- | M] (Google Inc.)
"RGSC" = D:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent -- [2008.12.13 13:04:58 | 000,306,088 | ---- | M] (Take-Two Interactive Software, Inc.)
"EA Core" = "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent -- File not found
"PC Suite Tray" = "D:\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2008.12.03 13:47:34 | 001,205,760 | ---- | M] (Nokia)
"IEPR" = C:\Users\hp\AppData\Local\TempImages\IEPR.exe -- [2008.11.26 13:02:38 | 000,024,576 | ---- | M] ()
"iOmem" = C:\Users\hp\AppData\Local\TempImages\iOmem101.exe -- [2009.01.04 17:18:26 | 000,053,248 | ---- | M] (Simple)
"MyWebSearch Email Plugin" = C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe -- [2009.10.01 18:29:15 | 000,032,838 | ---- | M] (MyWebSearch.com)
"Skype" = "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2009.10.09 14:11:12 | 025,623,336 | R--- | M] (Skype Technologies S.A.)
"msnmsgr" = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background -- [2009.07.26 17:45:00 | 003,883,840 | ---- | M] (Microsoft Corporation)
"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2009.08.20 14:25:58 | 002,363,392 | ---- | M] (Hewlett-Packard Company)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4 -- [2010.03.28 14:39:17 | 000,133,368 | ---- | M] (ICQ, LLC.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.01.13 00:17:59 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\3DFA
[2010.03.27 10:21:53 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Adobe
[2009.05.02 00:49:29 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\ArcSoft
[2009.02.03 01:24:06 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\AVS4YOU
[2009.01.14 22:04:48 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Bioshock
[2009.08.18 18:26:04 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Broad Intelligence
[2008.11.19 22:29:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Capcom
[2009.10.29 01:46:01 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\COWON
[2009.10.15 22:14:03 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Desktopicon
[2009.02.02 21:48:50 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Google
[2010.04.07 14:52:28 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\GRETECH
[2009.05.27 20:59:21 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\gtk-2.0
[2010.05.05 15:32:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\ICQ
[2008.09.24 16:07:30 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Identities
[2009.01.12 16:33:39 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Inkscape
[2008.10.20 22:18:00 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\InstallShield
[2008.10.25 13:04:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Media Center Programs
[2009.03.01 20:30:57 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Media Player Classic
[2009.11.29 23:16:44 | 000,000,000 | --SD | M] -- C:\Users\hp\AppData\Roaming\Microsoft
[2009.01.14 22:46:05 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Mozilla
[2009.09.23 22:54:46 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\NCH Software
[2009.12.21 18:45:57 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Nero
[2009.04.29 17:12:34 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Nokia
[2009.08.18 18:26:06 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\OpenCandy
[2009.01.14 22:57:49 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Opera
[2008.12.25 01:30:14 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\PC Suite
[2009.08.05 21:21:43 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Red Kawa
[2009.08.05 21:22:13 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Regensoft
[2009.03.12 00:59:58 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Scirra
[2008.10.20 22:30:53 | 000,000,000 | RH-D | M] -- C:\Users\hp\AppData\Roaming\SecuROM
[2008.10.20 22:31:11 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Sierra Entertainment
[2010.04.05 03:51:43 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Skype
[2010.04.05 02:43:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\skypePM
[2009.06.29 11:14:21 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\SoundSpectrum
[2009.06.12 18:16:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Ubisoft
[2009.12.11 22:01:14 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\uTorrent
[2008.11.11 00:21:47 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Ventrilo
[2009.09.25 22:46:16 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\vlc
[2009.06.10 12:21:37 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Winamp
[2009.02.18 14:36:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2009.11.18 19:11:23 | 001,924,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\hp\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2009.09.11 21:16:41 | 000,057,344 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\ARPPRODUCTICON.exe
[2009.09.11 21:16:41 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut2_3293C06B003F40278380FFD79E38167D_1.exe
[2009.09.11 21:16:41 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut3_3293C06B003F40278380FFD79E38167D.exe
[2009.09.11 21:16:41 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut5_3293C06B003F40278380FFD79E38167D.exe
[2009.09.11 21:16:41 | 000,008,854 | R--- | M] () -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\Uninstall_THAW_3293C06B003F40278380FFD79E38167D.exe
[2008.02.13 08:07:36 | 000,393,216 | ---- | M] () -- C:\Users\hp\AppData\Roaming\NCH Software\Components\aacenc3\aacenc3.exe
[2009.08.18 18:26:11 | 002,228,534 | ---- | M] ( ) -- C:\Users\hp\AppData\Roaming\OpenCandy\audacity-win-1.2.6.exe
< MD5 for: AGP440.SYS >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: CDROM.SYS >
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.10.20 18:40:04 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.10.20 18:40:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SMSS.EXE >
[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\System32\drivers\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.10.20 18:28:58 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.10.20 18:28:58 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2010.03.05 16:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\vbscript.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2010.03.05 16:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\vbscript.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 15:37:25 | 000,114,808 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.05.05 15:37:25 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.05 15:37:25 | 000,598,600 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.05.05 15:37:25 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.05 15:37:25 | 001,393,930 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 72 bytes -> C:\Windows:27D238CF4657A662
@Alternate Data Stream - 500 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8CE646EE
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13493
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Security Tool
Spusťte OTL a do spodního okna vložte následující skript.
Kód: Vybrat vše
:OTL
PRC - [2008.11.26 13:02:38 | 000,024,576 | ---- | M] () -- C:\Users\hp\AppData\Local\TempImages\IEPR.exe
PRC - [2009.10.01 18:29:15 | 000,032,838 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
PRC - [2009.10.01 18:29:15 | 000,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
SRV - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Plugin] C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (MyWebSearch.com)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [IEPR] C:\Users\hp\AppData\Local\TempImages\IEPR.exe ()
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [iOmem] C:\Users\hp\AppData\Local\TempImages\iOmem101.exe (Simple)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O28 - HKLM ShellExecuteHooks: {9DCB0AE8-633C-B1D2-29E1-3A811135D25A} - Reg Error: Key error. File not found
[2010.05.04 15:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\38963029
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2010.05.05 14:34:33 | 000,000,658 | ---- | C] () -- C:\Users\hp\Desktop\Security Tool.lnk
@Alternate Data Stream - 72 bytes -> C:\Windows:27D238CF4657A662
@Alternate Data Stream - 500 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8CE646EE
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocach ... .0.1.3.cab (Reg Error: Key error.)
:Files
C:\Program Files\AskBarDis
C:\Program Files\MyWebSearch
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS]
[CREATERESTOREPOINT]
Naposledy upravil(a) Caroprd111 dne 05 kvě 2010 18:09, celkem upraveno 2 x.
Re: Security Tool
Error: Unable to interpret <[2010.05.05 15:30:45 | 3219,644,416 | -HS- | C] () -- C:\hiberfil.sys> in the current context!
Error: Unable to interpret <[2010.05.05 15:22:22 | 000,028,365 | ---- | C] () -- C:\Users\hp\Desktop\titulky_how.i.met.your.mother.s05e21.hdtv.xvid-lol.cz.srt> in the current context!
Error: Unable to interpret <[2010.05.05 14:34:33 | 000,000,658 | ---- | C] () -- C:\Users\hp\Desktop\Security Tool.lnk> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:42 | 000,002,769 | ---- | C] () -- C:\Users\hp\Desktop\dsaf.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:37 | 000,002,355 | ---- | C] () -- C:\Users\hp\Desktop\dasd.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:26 | 000,004,359 | ---- | C] () -- C:\Users\hp\Desktop\ads.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:17 | 000,004,006 | ---- | C] () -- C:\Users\hp\Desktop\sd.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:13 | 000,005,045 | ---- | C] () -- C:\Users\hp\Desktop\sss.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:02 | 000,003,193 | ---- | C] () -- C:\Users\hp\Desktop\images.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 22:57:56 | 009,619,584 | ---- | C] () -- C:\Users\hp\Desktop\Relaxační hudba.mp3> in the current context!
Error: Unable to interpret <[2010.05.04 18:28:13 | 586,048,475 | ---- | C] () -- C:\Users\hp\Desktop\how.i.met.your.mother.s05e21.720p.hdtv.x264-dimension.mkv> in the current context!
Error: Unable to interpret <[2010.05.04 17:39:51 | 000,781,909 | ---- | C] () -- C:\Users\hp\Desktop\RSIT.exe> in the current context!
Error: Unable to interpret <[2010.04.07 14:51:06 | 000,000,593 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk> in the current context!
Error: Unable to interpret <[2009.12.19 23:33:32 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll> in the current context!
Error: Unable to interpret <[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat> in the current context!
Error: Unable to interpret <[2009.08.02 16:51:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll> in the current context!
Error: Unable to interpret <[2009.06.06 19:35:43 | 000,000,675 | ---- | C] () -- C:\Windows\System32\WEHLanguage.ini> in the current context!
Error: Unable to interpret <[2009.06.06 19:35:43 | 000,000,580 | ---- | C] () -- C:\Windows\System32\WEH5ColorConfig.ini> in the current context!
Error: Unable to interpret <[2009.02.03 01:28:57 | 000,005,729 | ---- | C] () -- C:\Windows\mgxoschk.ini> in the current context!
Error: Unable to interpret <[2009.01.13 21:44:40 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll> in the current context!
Error: Unable to interpret <[2008.09.24 16:16:08 | 000,000,030 | ---- | C] () -- C:\Windows\System32\UNWISE.INI> in the current context!
Error: Unable to interpret <[2008.09.24 16:15:45 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll> in the current context!
Error: Unable to interpret <[2008.09.24 16:15:12 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll> in the current context!
Error: Unable to interpret <[2008.09.24 16:15:12 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI> in the current context!
Error: Unable to interpret <[2008.09.24 16:15:04 | 000,003,797 | ---- | C] () -- C:\Windows\HCWPNP.INI> in the current context!
Error: Unable to interpret <[2008.09.24 16:12:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll> in the current context!
Error: Unable to interpret <[2007.03.29 23:00:40 | 000,203,264 | ---- | C] () -- C:\Windows\System32\CddbCdda.dll> in the current context!
Error: Unable to interpret <[2007.03.26 10:45:18 | 000,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:08 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll> in the current context!
Error: Unable to interpret <[2007.01.26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll> in the current context!
Error: Unable to interpret <[2007.01.26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll> in the current context!
Error: Unable to interpret <[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll> in the current context!
Error: Unable to interpret <[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\UNRAR.DLL> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:48 | 000,077,824 | ---- | C] () -- C:\Windows\System32\MMSwitch.dll> in the current context!
Error: Unable to interpret <[2004.10.12 07:40:58 | 002,255,360 | ---- | C] () -- C:\Windows\System32\libavcodec.dll> in the current context!
Error: Unable to interpret <[2004.10.12 07:39:48 | 000,028,160 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll> in the current context!
Error: Unable to interpret <[2004.10.12 07:39:08 | 000,110,592 | ---- | C] () -- C:\Windows\System32\ff_theora.dll> in the current context!
Error: Unable to interpret <[2004.10.09 07:40:16 | 000,454,144 | ---- | C] () -- C:\Windows\System32\ff_x264.dll> in the current context!
Error: Unable to interpret <[2004.10.05 09:16:08 | 000,395,776 | ---- | C] () -- C:\Windows\System32\libmplayer.dll> in the current context!
Error: Unable to interpret <[2004.10.03 18:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ff_mpeg2enc.dll> in the current context!
Error: Unable to interpret <[2000.03.29 22:00:00 | 000,125,440 | ---- | C] () -- C:\Windows\System32\UNZDLL.DLL> in the current context!
Error: Unable to interpret <[1999.08.11 15:28:02 | 000,101,888 | ---- | C] () -- C:\Windows\System32\LIBBZ2.DLL> in the current context!
Error: Unable to interpret <[1999.05.21 21:10:00 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ZIPDLL.DLL> in the current context!
Error: Unable to interpret <[1998.06.13 22:53:26 | 000,044,544 | ---- | C] () -- C:\Windows\System32\GIF89.DLL> in the current context!
Error: Unable to interpret <[1998.01.28 00:06:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\UNACE.DLL> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== LOP Check ==========> in the current context!
Error: Unable to interpret <[2010.05.05 15:22:22 | 000,028,365 | ---- | C] () -- C:\Users\hp\Desktop\titulky_how.i.met.your.mother.s05e21.hdtv.xvid-lol.cz.srt> in the current context!
Error: Unable to interpret <[2010.05.05 14:34:33 | 000,000,658 | ---- | C] () -- C:\Users\hp\Desktop\Security Tool.lnk> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:42 | 000,002,769 | ---- | C] () -- C:\Users\hp\Desktop\dsaf.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:37 | 000,002,355 | ---- | C] () -- C:\Users\hp\Desktop\dasd.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:26 | 000,004,359 | ---- | C] () -- C:\Users\hp\Desktop\ads.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:17 | 000,004,006 | ---- | C] () -- C:\Users\hp\Desktop\sd.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:13 | 000,005,045 | ---- | C] () -- C:\Users\hp\Desktop\sss.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 23:37:02 | 000,003,193 | ---- | C] () -- C:\Users\hp\Desktop\images.jpeg> in the current context!
Error: Unable to interpret <[2010.05.04 22:57:56 | 009,619,584 | ---- | C] () -- C:\Users\hp\Desktop\Relaxační hudba.mp3> in the current context!
Error: Unable to interpret <[2010.05.04 18:28:13 | 586,048,475 | ---- | C] () -- C:\Users\hp\Desktop\how.i.met.your.mother.s05e21.720p.hdtv.x264-dimension.mkv> in the current context!
Error: Unable to interpret <[2010.05.04 17:39:51 | 000,781,909 | ---- | C] () -- C:\Users\hp\Desktop\RSIT.exe> in the current context!
Error: Unable to interpret <[2010.04.07 14:51:06 | 000,000,593 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk> in the current context!
Error: Unable to interpret <[2009.12.19 23:33:32 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll> in the current context!
Error: Unable to interpret <[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat> in the current context!
Error: Unable to interpret <[2009.08.02 16:51:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll> in the current context!
Error: Unable to interpret <[2009.06.06 19:35:43 | 000,000,675 | ---- | C] () -- C:\Windows\System32\WEHLanguage.ini> in the current context!
Error: Unable to interpret <[2009.06.06 19:35:43 | 000,000,580 | ---- | C] () -- C:\Windows\System32\WEH5ColorConfig.ini> in the current context!
Error: Unable to interpret <[2009.02.03 01:28:57 | 000,005,729 | ---- | C] () -- C:\Windows\mgxoschk.ini> in the current context!
Error: Unable to interpret <[2009.01.13 21:44:40 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll> in the current context!
Error: Unable to interpret <[2008.09.24 16:16:08 | 000,000,030 | ---- | C] () -- C:\Windows\System32\UNWISE.INI> in the current context!
Error: Unable to interpret <[2008.09.24 16:15:45 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll> in the current context!
Error: Unable to interpret <[2008.09.24 16:15:12 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll> in the current context!
Error: Unable to interpret <[2008.09.24 16:15:12 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI> in the current context!
Error: Unable to interpret <[2008.09.24 16:15:04 | 000,003,797 | ---- | C] () -- C:\Windows\HCWPNP.INI> in the current context!
Error: Unable to interpret <[2008.09.24 16:12:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll> in the current context!
Error: Unable to interpret <[2007.03.29 23:00:40 | 000,203,264 | ---- | C] () -- C:\Windows\System32\CddbCdda.dll> in the current context!
Error: Unable to interpret <[2007.03.26 10:45:18 | 000,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:08 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll> in the current context!
Error: Unable to interpret <[2007.02.20 14:59:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll> in the current context!
Error: Unable to interpret <[2007.01.26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll> in the current context!
Error: Unable to interpret <[2007.01.26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll> in the current context!
Error: Unable to interpret <[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll> in the current context!
Error: Unable to interpret <[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\UNRAR.DLL> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll> in the current context!
Error: Unable to interpret <[2005.10.14 12:56:48 | 000,077,824 | ---- | C] () -- C:\Windows\System32\MMSwitch.dll> in the current context!
Error: Unable to interpret <[2004.10.12 07:40:58 | 002,255,360 | ---- | C] () -- C:\Windows\System32\libavcodec.dll> in the current context!
Error: Unable to interpret <[2004.10.12 07:39:48 | 000,028,160 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll> in the current context!
Error: Unable to interpret <[2004.10.12 07:39:08 | 000,110,592 | ---- | C] () -- C:\Windows\System32\ff_theora.dll> in the current context!
Error: Unable to interpret <[2004.10.09 07:40:16 | 000,454,144 | ---- | C] () -- C:\Windows\System32\ff_x264.dll> in the current context!
Error: Unable to interpret <[2004.10.05 09:16:08 | 000,395,776 | ---- | C] () -- C:\Windows\System32\libmplayer.dll> in the current context!
Error: Unable to interpret <[2004.10.03 18:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ff_mpeg2enc.dll> in the current context!
Error: Unable to interpret <[2000.03.29 22:00:00 | 000,125,440 | ---- | C] () -- C:\Windows\System32\UNZDLL.DLL> in the current context!
Error: Unable to interpret <[1999.08.11 15:28:02 | 000,101,888 | ---- | C] () -- C:\Windows\System32\LIBBZ2.DLL> in the current context!
Error: Unable to interpret <[1999.05.21 21:10:00 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ZIPDLL.DLL> in the current context!
Error: Unable to interpret <[1998.06.13 22:53:26 | 000,044,544 | ---- | C] () -- C:\Windows\System32\GIF89.DLL> in the current context!
Error: Unable to interpret <[1998.01.28 00:06:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\UNACE.DLL> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== LOP Check ==========> in the current context!
Re: Security Tool
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2010.05.05 15:08:28 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Purity Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Custom Scans ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >> in the current context!
Error: Unable to interpret <"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 09:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2008.10.25 13:04:27 | 000,039,408 | ---- | M] (Google Inc.)> in the current context!
Error: Unable to interpret <"Steam" = "c:\program files\steam\steam.exe" -silent -- [2010.04.27 11:03:02 | 001,238,352 | ---- | M] (Valve Corporation)> in the current context!
Error: Unable to interpret <"Google Update" = "C:\Users\hp\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2008.11.25 23:32:15 | 000,133,104 | ---- | M] (Google Inc.)> in the current context!
Error: Unable to interpret <"RGSC" = D:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent -- [2008.12.13 13:04:58 | 000,306,088 | ---- | M] (Take-Two Interactive Software, Inc.)> in the current context!
Error: Unable to interpret <"EA Core" = "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent -- File not found> in the current context!
Error: Unable to interpret <"PC Suite Tray" = "D:\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2008.12.03 13:47:34 | 001,205,760 | ---- | M] (Nokia)> in the current context!
Error: Unable to interpret <"IEPR" = C:\Users\hp\AppData\Local\TempImages\IEPR.exe -- [2008.11.26 13:02:38 | 000,024,576 | ---- | M] ()> in the current context!
Error: Unable to interpret <"iOmem" = C:\Users\hp\AppData\Local\TempImages\iOmem101.exe -- [2009.01.04 17:18:26 | 000,053,248 | ---- | M] (Simple)> in the current context!
Error: Unable to interpret <"MyWebSearch Email Plugin" = C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe -- [2009.10.01 18:29:15 | 000,032,838 | ---- | M] (MyWebSearch.com)> in the current context!
Error: Unable to interpret <"Skype" = "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2009.10.09 14:11:12 | 025,623,336 | R--- | M] (Skype Technologies S.A.)> in the current context!
Error: Unable to interpret <"msnmsgr" = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background -- [2009.07.26 17:45:00 | 003,883,840 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2009.08.20 14:25:58 | 002,363,392 | ---- | M] (Hewlett-Packard Company)> in the current context!
Error: Unable to interpret <"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ICQ" = "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4 -- [2010.03.28 14:39:17 | 000,133,368 | ---- | M] (ICQ, LLC.)> in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]> in the current context!
Error: Unable to interpret <"" = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << c:\windows\*.* /U >> in the current context!
Error: Unable to interpret <[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %SYSTEMDRIVE%\*.exe >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %ALLUSERSPROFILE%\Application Data\*. >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %ALLUSERSPROFILE%\Application Data\*.exe /s >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %APPDATA%\*. >> in the current context!
Error: Unable to interpret <[2009.01.13 00:17:59 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\3DFA> in the current context!
Error: Unable to interpret <[2010.03.27 10:21:53 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Adobe> in the current context!
Error: Unable to interpret <[2009.05.02 00:49:29 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\ArcSoft> in the current context!
Error: Unable to interpret <[2009.02.03 01:24:06 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\AVS4YOU> in the current context!
Error: Unable to interpret <[2009.01.14 22:04:48 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Bioshock> in the current context!
Error: Unable to interpret <[2009.08.18 18:26:04 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Broad Intelligence> in the current context!
Error: Unable to interpret <[2008.11.19 22:29:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Capcom> in the current context!
Error: Unable to interpret <[2009.10.29 01:46:01 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\COWON> in the current context!
Error: Unable to interpret <[2009.10.15 22:14:03 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Desktopicon> in the current context!
Error: Unable to interpret <[2009.02.02 21:48:50 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Google> in the current context!
Error: Unable to interpret <[2010.04.07 14:52:28 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\GRETECH> in the current context!
Error: Unable to interpret <[2009.05.27 20:59:21 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\gtk-2.0> in the current context!
Error: Unable to interpret <[2010.05.05 15:32:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\ICQ> in the current context!
Error: Unable to interpret <[2008.09.24 16:07:30 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Identities> in the current context!
Error: Unable to interpret <[2009.01.12 16:33:39 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Inkscape> in the current context!
Error: Unable to interpret <[2008.10.20 22:18:00 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\InstallShield> in the current context!
Error: Unable to interpret <[2008.10.25 13:04:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Macromedia> in the current context!
Error: Unable to interpret <[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Media Center Programs> in the current context!
Error: Unable to interpret <[2009.03.01 20:30:57 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Media Player Classic> in the current context!
Error: Unable to interpret <[2009.11.29 23:16:44 | 000,000,000 | --SD | M] -- C:\Users\hp\AppData\Roaming\Microsoft> in the current context!
Error: Unable to interpret <[2009.01.14 22:46:05 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Mozilla> in the current context!
Error: Unable to interpret <[2009.09.23 22:54:46 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\NCH Software> in the current context!
Error: Unable to interpret <[2009.12.21 18:45:57 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Nero> in the current context!
Error: Unable to interpret <[2009.04.29 17:12:34 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Nokia> in the current context!
Error: Unable to interpret <[2009.08.18 18:26:06 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\OpenCandy> in the current context!
Error: Unable to interpret <[2009.01.14 22:57:49 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Opera> in the current context!
Error: Unable to interpret <[2008.12.25 01:30:14 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\PC Suite> in the current context!
Error: Unable to interpret <[2009.08.05 21:21:43 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Red Kawa> in the current context!
Error: Unable to interpret <[2009.08.05 21:22:13 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Regensoft> in the current context!
Error: Unable to interpret <[2009.03.12 00:59:58 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Scirra> in the current context!
Error: Unable to interpret <[2008.10.20 22:30:53 | 000,000,000 | RH-D | M] -- C:\Users\hp\AppData\Roaming\SecuROM> in the current context!
Error: Unable to interpret <[2008.10.20 22:31:11 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Sierra Entertainment> in the current context!
Error: Unable to interpret <[2010.04.05 03:51:43 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Skype> in the current context!
Error: Unable to interpret <[2010.04.05 02:43:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\skypePM> in the current context!
Error: Unable to interpret <[2009.06.29 11:14:21 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\SoundSpectrum> in the current context!
Error: Unable to interpret <[2009.06.12 18:16:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Ubisoft> in the current context!
Error: Unable to interpret <[2009.12.11 22:01:14 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\uTorrent> in the current context!
Error: Unable to interpret <[2008.11.11 00:21:47 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Ventrilo> in the current context!
Error: Unable to interpret <[2009.09.25 22:46:16 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\vlc> in the current context!
Error: Unable to interpret <[2009.06.10 12:21:37 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Winamp> in the current context!
Error: Unable to interpret <[2009.02.18 14:36:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\WinRAR> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %APPDATA%\*.exe /s >> in the current context!
Error: Unable to interpret <[2009.11.18 19:11:23 | 001,924,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\hp\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe> in the current context!
Error: Unable to interpret <[2009.09.11 21:16:41 | 000,057,344 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\ARPPRODUCTICON.exe> in the current context!
Error: Unable to interpret <[2009.09.11 21:16:41 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut2_3293C06B003F40278380FFD79E38167D_1.exe> in the current context!
Error: Unable to interpret <[2009.09.11 21:16:41 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut3_3293C06B003F40278380FFD79E38167D.exe> in the current context!
Error: Unable to interpret <[2009.09.11 21:16:41 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut5_3293C06B003F40278380FFD79E38167D.exe> in the current context!
Error: Unable to interpret <[2009.09.11 21:16:41 | 000,008,854 | R--- | M] () -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\Uninstall_THAW_3293C06B003F40278380FFD79E38167D.exe> in the current context!
Error: Unable to interpret <[2008.02.13 08:07:36 | 000,393,216 | ---- | M] () -- C:\Users\hp\AppData\Roaming\NCH Software\Components\aacenc3\aacenc3.exe> in the current context!
Error: Unable to interpret <[2009.08.18 18:26:11 | 002,228,534 | ---- | M] ( ) -- C:\Users\hp\AppData\Roaming\OpenCandy\audacity-win-1.2.6.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: AGP440.SYS >> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: ATAPI.SYS >> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys> in the current context!
Error: Unable to interpret <[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys> in the current context!
Error: Unable to interpret <[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys> in the current context!
Error: Unable to interpret <[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: CDROM.SYS >> in the current context!
Error: Unable to interpret <[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys> in the current context!
Error: Unable to interpret <[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys> in the current context!
Error: Unable to interpret <[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys> in the current context!
Error: Unable to interpret <[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys> in the current context!
Error: Unable to interpret <[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys> in the current context!
Error: Unable to interpret <[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: CNGAUDIT.DLL >> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: CRYPTSVC.DLL >> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll> in the current context!
Error: Unable to interpret <[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: EXPLORER.EXE >> in the current context!
Error: Unable to interpret <[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe> in the current context!
Error: Unable to interpret <[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe> in the current context!
Error: Unable to interpret <[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe> in the current context!
Error: Unable to interpret <[2008.10.20 18:40:04 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe> in the current context!
Error: Unable to interpret <[2008.10.20 18:40:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe> in the current context!
Error: Unable to interpret <[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: HAL.DLL >> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: IASTORV.SYS >> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: ISAPNP.SYS >> in the current context!
Error: Unable to interpret <[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: LSASS.EXE >> in the current context!
Error: Unable to interpret <[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe> in the current context!
Error: Unable to interpret <[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe> in the current context!
Error: Unable to interpret <[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe> in the current context!
Error: Unable to interpret <[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe> in the current context!
Error: Unable to interpret <[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe> in the current context!
Error: Unable to interpret <[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe> in the current context!
Error: Unable to interpret <[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NDIS.SYS >> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NETLOGON.DLL >> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll> in the current context!
Error: Unable to interpret <[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NVRAID.SYS >> in the current context!
Error: Unable to interpret <[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NVSTOR.SYS >> in the current context!
Error: Unable to interpret <[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: SCECLI.DLL >> in the current context!
Error: Unable to interpret <[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: SMSS.EXE >> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: SVCHOST.EXE >> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: TCPIP.SYS >> in the current context!
Error: Unable to interpret <[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\System32\drivers\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys> in the current context!
Error: Unable to interpret <[2008.10.20 18:28:58 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys> in the current context!
Error: Unable to interpret <[2008.10.20 18:28:58 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys> in the current context!
Error: Unable to interpret <[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys> in the current context!
Error: Unable to interpret <[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: USERINIT.EXE >> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: WINLOGON.EXE >> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: WS2_32.DLL >> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll> in the current context!
Error: Unable to interpret <[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll> in the current context!
Error: Unable to interpret <[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\*. /mp /s >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\*.dll /lockedfiles >> in the current context!
Error: Unable to interpret <[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll> in the current context!
Error: Unable to interpret <[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll> in the current context!
Error: Unable to interpret <[2010.03.05 16:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\vbscript.dll> in the current context!
Error: Unable to interpret <[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\Tasks\*.job /lockedfiles >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\drivers\*.sys /lockedfiles >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\System32\config\*.sav >> in the current context!
Error: Unable to interpret <[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV> in the current context!
Error: Unable to interpret <[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV> in the current context!
Error: Unable to interpret <[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV> in the current context!
Error: Unable to interpret <[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV> in the current context!
Error: Unable to interpret <[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\*.dll /lockedfiles >> in the current context!
Error: Unable to interpret <[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll> in the current context!
Error: Unable to interpret <[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll> in the current context!
Error: Unable to interpret <[2010.03.05 16:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\vbscript.dll> in the current context!
Error: Unable to interpret <[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV> in the current context!
Error: Unable to interpret < IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS> in the current context!
Error: Unable to interpret < IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\drivers\*.sys /3 >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\*.* /3 >> in the current context!
Error: Unable to interpret <[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2010.05.05 15:37:25 | 000,114,808 | ---- | M] () -- C:\Windows\System32\perfc005.dat> in the current context!
Error: Unable to interpret <[2010.05.05 15:37:25 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat> in the current context!
Error: Unable to interpret <[2010.05.05 15:37:25 | 000,598,600 | ---- | M] () -- C:\Windows\System32\perfh005.dat> in the current context!
Error: Unable to interpret <[2010.05.05 15:37:25 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat> in the current context!
Error: Unable to interpret <[2010.05.05 15:37:25 | 001,393,930 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Alternate Data Streams ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <@Alternate Data Stream - 72 bytes -> C:\Windows:27D238CF4657A662> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 500 bytes -> C:\ProgramData\TEMP:05EE1EEF> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8CE646EE> in the current context!
Error: Unable to interpret << End of report >> in the current context!
OTL by OldTimer - Version 3.2.4.1 log created on 05052010_190538
Error: Unable to interpret <[2010.05.05 15:08:28 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Purity Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Custom Scans ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >> in the current context!
Error: Unable to interpret <"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 09:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2008.10.25 13:04:27 | 000,039,408 | ---- | M] (Google Inc.)> in the current context!
Error: Unable to interpret <"Steam" = "c:\program files\steam\steam.exe" -silent -- [2010.04.27 11:03:02 | 001,238,352 | ---- | M] (Valve Corporation)> in the current context!
Error: Unable to interpret <"Google Update" = "C:\Users\hp\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2008.11.25 23:32:15 | 000,133,104 | ---- | M] (Google Inc.)> in the current context!
Error: Unable to interpret <"RGSC" = D:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent -- [2008.12.13 13:04:58 | 000,306,088 | ---- | M] (Take-Two Interactive Software, Inc.)> in the current context!
Error: Unable to interpret <"EA Core" = "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent -- File not found> in the current context!
Error: Unable to interpret <"PC Suite Tray" = "D:\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2008.12.03 13:47:34 | 001,205,760 | ---- | M] (Nokia)> in the current context!
Error: Unable to interpret <"IEPR" = C:\Users\hp\AppData\Local\TempImages\IEPR.exe -- [2008.11.26 13:02:38 | 000,024,576 | ---- | M] ()> in the current context!
Error: Unable to interpret <"iOmem" = C:\Users\hp\AppData\Local\TempImages\iOmem101.exe -- [2009.01.04 17:18:26 | 000,053,248 | ---- | M] (Simple)> in the current context!
Error: Unable to interpret <"MyWebSearch Email Plugin" = C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe -- [2009.10.01 18:29:15 | 000,032,838 | ---- | M] (MyWebSearch.com)> in the current context!
Error: Unable to interpret <"Skype" = "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2009.10.09 14:11:12 | 025,623,336 | R--- | M] (Skype Technologies S.A.)> in the current context!
Error: Unable to interpret <"msnmsgr" = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background -- [2009.07.26 17:45:00 | 003,883,840 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2009.08.20 14:25:58 | 002,363,392 | ---- | M] (Hewlett-Packard Company)> in the current context!
Error: Unable to interpret <"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ICQ" = "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4 -- [2010.03.28 14:39:17 | 000,133,368 | ---- | M] (ICQ, LLC.)> in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]> in the current context!
Error: Unable to interpret <"" = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << c:\windows\*.* /U >> in the current context!
Error: Unable to interpret <[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %SYSTEMDRIVE%\*.exe >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %ALLUSERSPROFILE%\Application Data\*. >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %ALLUSERSPROFILE%\Application Data\*.exe /s >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %APPDATA%\*. >> in the current context!
Error: Unable to interpret <[2009.01.13 00:17:59 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\3DFA> in the current context!
Error: Unable to interpret <[2010.03.27 10:21:53 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Adobe> in the current context!
Error: Unable to interpret <[2009.05.02 00:49:29 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\ArcSoft> in the current context!
Error: Unable to interpret <[2009.02.03 01:24:06 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\AVS4YOU> in the current context!
Error: Unable to interpret <[2009.01.14 22:04:48 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Bioshock> in the current context!
Error: Unable to interpret <[2009.08.18 18:26:04 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Broad Intelligence> in the current context!
Error: Unable to interpret <[2008.11.19 22:29:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Capcom> in the current context!
Error: Unable to interpret <[2009.10.29 01:46:01 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\COWON> in the current context!
Error: Unable to interpret <[2009.10.15 22:14:03 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Desktopicon> in the current context!
Error: Unable to interpret <[2009.02.02 21:48:50 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Google> in the current context!
Error: Unable to interpret <[2010.04.07 14:52:28 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\GRETECH> in the current context!
Error: Unable to interpret <[2009.05.27 20:59:21 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\gtk-2.0> in the current context!
Error: Unable to interpret <[2010.05.05 15:32:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\ICQ> in the current context!
Error: Unable to interpret <[2008.09.24 16:07:30 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Identities> in the current context!
Error: Unable to interpret <[2009.01.12 16:33:39 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Inkscape> in the current context!
Error: Unable to interpret <[2008.10.20 22:18:00 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\InstallShield> in the current context!
Error: Unable to interpret <[2008.10.25 13:04:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Macromedia> in the current context!
Error: Unable to interpret <[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Media Center Programs> in the current context!
Error: Unable to interpret <[2009.03.01 20:30:57 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Media Player Classic> in the current context!
Error: Unable to interpret <[2009.11.29 23:16:44 | 000,000,000 | --SD | M] -- C:\Users\hp\AppData\Roaming\Microsoft> in the current context!
Error: Unable to interpret <[2009.01.14 22:46:05 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Mozilla> in the current context!
Error: Unable to interpret <[2009.09.23 22:54:46 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\NCH Software> in the current context!
Error: Unable to interpret <[2009.12.21 18:45:57 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Nero> in the current context!
Error: Unable to interpret <[2009.04.29 17:12:34 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Nokia> in the current context!
Error: Unable to interpret <[2009.08.18 18:26:06 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\OpenCandy> in the current context!
Error: Unable to interpret <[2009.01.14 22:57:49 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Opera> in the current context!
Error: Unable to interpret <[2008.12.25 01:30:14 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\PC Suite> in the current context!
Error: Unable to interpret <[2009.08.05 21:21:43 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Red Kawa> in the current context!
Error: Unable to interpret <[2009.08.05 21:22:13 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Regensoft> in the current context!
Error: Unable to interpret <[2009.03.12 00:59:58 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Scirra> in the current context!
Error: Unable to interpret <[2008.10.20 22:30:53 | 000,000,000 | RH-D | M] -- C:\Users\hp\AppData\Roaming\SecuROM> in the current context!
Error: Unable to interpret <[2008.10.20 22:31:11 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Sierra Entertainment> in the current context!
Error: Unable to interpret <[2010.04.05 03:51:43 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Skype> in the current context!
Error: Unable to interpret <[2010.04.05 02:43:40 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\skypePM> in the current context!
Error: Unable to interpret <[2009.06.29 11:14:21 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\SoundSpectrum> in the current context!
Error: Unable to interpret <[2009.06.12 18:16:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Ubisoft> in the current context!
Error: Unable to interpret <[2009.12.11 22:01:14 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\uTorrent> in the current context!
Error: Unable to interpret <[2008.11.11 00:21:47 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Ventrilo> in the current context!
Error: Unable to interpret <[2009.09.25 22:46:16 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\vlc> in the current context!
Error: Unable to interpret <[2009.06.10 12:21:37 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Winamp> in the current context!
Error: Unable to interpret <[2009.02.18 14:36:55 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\WinRAR> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %APPDATA%\*.exe /s >> in the current context!
Error: Unable to interpret <[2009.11.18 19:11:23 | 001,924,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\hp\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe> in the current context!
Error: Unable to interpret <[2009.09.11 21:16:41 | 000,057,344 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\ARPPRODUCTICON.exe> in the current context!
Error: Unable to interpret <[2009.09.11 21:16:41 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut2_3293C06B003F40278380FFD79E38167D_1.exe> in the current context!
Error: Unable to interpret <[2009.09.11 21:16:41 | 000,061,440 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut3_3293C06B003F40278380FFD79E38167D.exe> in the current context!
Error: Unable to interpret <[2009.09.11 21:16:41 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut5_3293C06B003F40278380FFD79E38167D.exe> in the current context!
Error: Unable to interpret <[2009.09.11 21:16:41 | 000,008,854 | R--- | M] () -- C:\Users\hp\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\Uninstall_THAW_3293C06B003F40278380FFD79E38167D.exe> in the current context!
Error: Unable to interpret <[2008.02.13 08:07:36 | 000,393,216 | ---- | M] () -- C:\Users\hp\AppData\Roaming\NCH Software\Components\aacenc3\aacenc3.exe> in the current context!
Error: Unable to interpret <[2009.08.18 18:26:11 | 002,228,534 | ---- | M] ( ) -- C:\Users\hp\AppData\Roaming\OpenCandy\audacity-win-1.2.6.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: AGP440.SYS >> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: ATAPI.SYS >> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys> in the current context!
Error: Unable to interpret <[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys> in the current context!
Error: Unable to interpret <[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys> in the current context!
Error: Unable to interpret <[2008.10.20 18:31:03 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: CDROM.SYS >> in the current context!
Error: Unable to interpret <[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys> in the current context!
Error: Unable to interpret <[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys> in the current context!
Error: Unable to interpret <[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys> in the current context!
Error: Unable to interpret <[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys> in the current context!
Error: Unable to interpret <[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys> in the current context!
Error: Unable to interpret <[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: CNGAUDIT.DLL >> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: CRYPTSVC.DLL >> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll> in the current context!
Error: Unable to interpret <[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: EXPLORER.EXE >> in the current context!
Error: Unable to interpret <[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe> in the current context!
Error: Unable to interpret <[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe> in the current context!
Error: Unable to interpret <[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe> in the current context!
Error: Unable to interpret <[2008.10.20 18:40:04 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe> in the current context!
Error: Unable to interpret <[2008.10.20 18:40:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe> in the current context!
Error: Unable to interpret <[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: HAL.DLL >> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: IASTORV.SYS >> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: ISAPNP.SYS >> in the current context!
Error: Unable to interpret <[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: LSASS.EXE >> in the current context!
Error: Unable to interpret <[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe> in the current context!
Error: Unable to interpret <[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe> in the current context!
Error: Unable to interpret <[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe> in the current context!
Error: Unable to interpret <[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe> in the current context!
Error: Unable to interpret <[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe> in the current context!
Error: Unable to interpret <[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe> in the current context!
Error: Unable to interpret <[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe> in the current context!
Error: Unable to interpret <[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NDIS.SYS >> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys> in the current context!
Error: Unable to interpret <[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NETLOGON.DLL >> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll> in the current context!
Error: Unable to interpret <[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NVRAID.SYS >> in the current context!
Error: Unable to interpret <[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys> in the current context!
Error: Unable to interpret <[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NVSTOR.SYS >> in the current context!
Error: Unable to interpret <[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: SCECLI.DLL >> in the current context!
Error: Unable to interpret <[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: SMSS.EXE >> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: SVCHOST.EXE >> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: TCPIP.SYS >> in the current context!
Error: Unable to interpret <[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\System32\drivers\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys> in the current context!
Error: Unable to interpret <[2008.10.20 18:28:58 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys> in the current context!
Error: Unable to interpret <[2008.10.20 18:28:58 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys> in the current context!
Error: Unable to interpret <[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys> in the current context!
Error: Unable to interpret <[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys> in the current context!
Error: Unable to interpret <[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys> in the current context!
Error: Unable to interpret <[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys> in the current context!
Error: Unable to interpret <[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: USERINIT.EXE >> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: WINLOGON.EXE >> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe> in the current context!
Error: Unable to interpret <[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe> in the current context!
Error: Unable to interpret <[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: WS2_32.DLL >> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll> in the current context!
Error: Unable to interpret <[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll> in the current context!
Error: Unable to interpret <[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\*. /mp /s >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\*.dll /lockedfiles >> in the current context!
Error: Unable to interpret <[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll> in the current context!
Error: Unable to interpret <[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll> in the current context!
Error: Unable to interpret <[2010.03.05 16:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\vbscript.dll> in the current context!
Error: Unable to interpret <[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\Tasks\*.job /lockedfiles >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\drivers\*.sys /lockedfiles >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\System32\config\*.sav >> in the current context!
Error: Unable to interpret <[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV> in the current context!
Error: Unable to interpret <[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV> in the current context!
Error: Unable to interpret <[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV> in the current context!
Error: Unable to interpret <[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV> in the current context!
Error: Unable to interpret <[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\*.dll /lockedfiles >> in the current context!
Error: Unable to interpret <[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll> in the current context!
Error: Unable to interpret <[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll> in the current context!
Error: Unable to interpret <[2010.03.05 16:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\vbscript.dll> in the current context!
Error: Unable to interpret <[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV> in the current context!
Error: Unable to interpret < IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS> in the current context!
Error: Unable to interpret < IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\drivers\*.sys /3 >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\*.* /3 >> in the current context!
Error: Unable to interpret <[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2010.05.05 17:30:51 | 000,004,656 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2010.05.05 15:37:25 | 000,114,808 | ---- | M] () -- C:\Windows\System32\perfc005.dat> in the current context!
Error: Unable to interpret <[2010.05.05 15:37:25 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat> in the current context!
Error: Unable to interpret <[2010.05.05 15:37:25 | 000,598,600 | ---- | M] () -- C:\Windows\System32\perfh005.dat> in the current context!
Error: Unable to interpret <[2010.05.05 15:37:25 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat> in the current context!
Error: Unable to interpret <[2010.05.05 15:37:25 | 001,393,930 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Alternate Data Streams ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <@Alternate Data Stream - 72 bytes -> C:\Windows:27D238CF4657A662> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 500 bytes -> C:\ProgramData\TEMP:05EE1EEF> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8CE646EE> in the current context!
Error: Unable to interpret << End of report >> in the current context!
OTL by OldTimer - Version 3.2.4.1 log created on 05052010_190538
-
Caroprd111
- VIP
- Příspěvky: 13493
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Security Tool
Spusťte OTL a do spodního okna vložte následující skript.
Kód: Vybrat vše
:OTL
PRC - [2008.11.26 13:02:38 | 000,024,576 | ---- | M] () -- C:\Users\hp\AppData\Local\TempImages\IEPR.exe
PRC - [2009.10.01 18:29:15 | 000,032,838 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
PRC - [2009.10.01 18:29:15 | 000,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
SRV - [2009.10.01 18:29:15 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-327595103-1516075565-1027953969-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Plugin] C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (MyWebSearch.com)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [IEPR] C:\Users\hp\AppData\Local\TempImages\IEPR.exe ()
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [iOmem] C:\Users\hp\AppData\Local\TempImages\iOmem101.exe (Simple)
O4 - HKU\S-1-5-21-327595103-1516075565-1027953969-1000..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O28 - HKLM ShellExecuteHooks: {9DCB0AE8-633C-B1D2-29E1-3A811135D25A} - Reg Error: Key error. File not found
[2010.05.04 15:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\38963029
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2010.05.05 14:34:33 | 000,000,658 | ---- | C] () -- C:\Users\hp\Desktop\Security Tool.lnk
@Alternate Data Stream - 72 bytes -> C:\Windows:27D238CF4657A662
@Alternate Data Stream - 500 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8CE646EE
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocach ... .0.1.3.cab (Reg Error: Key error.)
:Files
C:\Program Files\AskBarDis
C:\Program Files\MyWebSearch
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS]
[CREATERESTOREPOINT]
Re: Security Tool
Samořejmě jsem na OPRAVIT klikl.
Přispějete na provoz fóra?