ahojky, mám takový problém, když mám zapnutý google chrome tak mi cpu jede na 80-100%, divné je že ve správce úloh se to tváří normálně... nvm moc co z tím, přikládám log z RSIT, jinač mám notebook, starý asi tak 14 měsíců,
Processor: Intel(R) Core(TM)2 Duo CPU T5900 @ 2.20GHz (2 CPUs), ~2.2GHz
Memory: 4096MB RAM
Card name: Mobile Intel(R) 4 Series Express Chipset Family
log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by David at 2011-06-04 23:21:43
Microsoft Windows 7 Home Premium
System drive C: has 65 GB (55%) free of 119 GB
Total RAM: 4061 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:22:21, on 4.6.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Mousotron\Mousotron.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\GamePark2\gpcl.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\David\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\ICQ7.1\ICQ.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\David.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{3E6 ... 38A10A0497}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll
R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [17647d] wscript /B C:\Windows\TEMP\17646d.vbs
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\David\Desktop\uTorrent.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Mousotron] C:\Program Files (x86)\Mousotron\Mousotron.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files (x86)\GamePark2\gpcl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\NOVSLO~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 (file missing)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://d1ylr6sba64qi3.cloudfront.net/gl ... 1.71.0.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.co ... 4.13.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - http://www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Hry\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files (x86)\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: JumpStart Push-Button Service (jswpbapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: FrontLine Drivers Auto Removal (v2) (sfrem02) - Unknown owner - C:\Windows\system32\sfrem02.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17401 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2a8
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -switch-3be2f036c43042cdb03588591c9325c3
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {F4F51990-DC6C-419E-82E4-8EE19A94C200}
C:\Windows\system32\rundll32.exe "C:\Windows\SysWOW64\MSVCP50G.dll",yjoll
C:\Windows\system32\rundll32.exe "C:\Windows\SysWOW64\MSVCP50G.dll",yjoll
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
Atouch64.exe
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Google\Update\1.3.21.57\GoogleCrashHandler.exe" /crashhandler
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k HPService
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ATKOSD.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WDC.exe
"C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files (x86)\Mousotron\Mousotron.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\GamePark2\gpcl.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Users\David\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe" /crashhandler
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F4500 series#1305455270" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe" /SILENT
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /startalways
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:11 /Query:3;3;6;Pokračovat v posledním seznamu;29655;-1;;;;0;;;;1;;
"C:\Program Files (x86)\ICQ7.1\ICQ.exe" Restart=1 ParentPid=4292
"C:\Windows\System32\taskmgr.exe"
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/ --channel=6340.008F2180.918516437 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/ --channel=6340.008F2900.1510572349 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/ --channel=6340.036CE480.969084417 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/ --channel=6340.036CE900.1623171622 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/ --channel=6340.036CEC00.746398841 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/ --channel=6340.036E4300.904364903 /prefetch:3
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll" --lang=cs --plugin-data-dir="C:\Users\David\AppData\Local\Google\Chrome\User Data\Default" --channel=6340.008EE400.1763821561 /prefetch:4
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\noocneohefmdhonidldnlhaainpiomkp\1.12.2.44674_0\lib/cooliris.dll" --lang=cs --plugin-data-dir="C:\Users\David\AppData\Local\Google\Chrome\User Data\Default" --channel=6340.06BE2C00.1753823002 /prefetch:4
C:\Windows\system32\rundll32.exe "C:\Users\David\AppData\Local\Google\Chrome\APPLIC~1\110696~1.65\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\David\AppData\Local\Google\Chrome\Application\11.0.696.65\gcswf32.dll" --lang=cs --plugin-data-dir="C:\Users\David\AppData\Local\Google\Chrome\User Data\Default" --channel=6340.07C44E00.565668426 /prefetch:4 --flash-broker=1388
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel=6340.07CAE0B0.1567024701 /prefetch:12
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_5/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/ --channel=6340.05227480.120340757 /prefetch:3
"C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_5/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WebSocketExperiment/default/ --channel=6340.08EB4C00.1590867911 /prefetch:3
"C:\Users\David\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000UA.job
C:\Windows\tasks\nsuttpu.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-05-22 386776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-23 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll [2010-12-06 765744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
Zynga Toolbar - C:\Program Files (x86)\Zynga\tbZyng.dll [2010-12-01 2735200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll [2010-11-23 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll [2010-02-16 2495488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 444752]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll [2010-11-23 3908192]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-23 3908192]
{7b13ec3e-999a-4b70-b9cb-2617b8323822} - Zynga Toolbar - C:\Program Files (x86)\Zynga\tbZyng.dll [2010-12-01 2735200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-11-26 1732608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2916584]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"uTorrent"=C:\Users\David\Desktop\uTorrent.exe []
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Mousotron"=C:\Program Files (x86)\Mousotron\Mousotron.exe [2011-02-02 525312]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Google Update"=C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-05 136176]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 89600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-02-10 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-03 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NB Probe]
C:\Program Files\ASUS\NB Probe\NBProbe.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\David\Desktop\uTorrent.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
"jswtrayutil"=C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe [2009-09-24 32871]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-03-28 1910152]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-05-22 273544]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-05-29 449584]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [2011-05-29 1047656]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"17647d"=wscript /B C:\Windows\TEMP\17646d.vbs []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
GamePark klient 2.lnk - C:\Program Files (x86)\GamePark2\gpcl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-03-15 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.inf - open - %SystemRoot%\SysWow64\NOTEPAD.EXE %1
.inf - install - %SystemRoot%\SysWow64\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\WScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\WScript.exe "%1" %*
.cpl - cplopen - %SystemRoot%\SysWow64\control.exe "%1",%*
======List of files/folders created in the last 1 months======
2011-06-04 21:55:25 ----D---- C:\Program Files (x86)\DiskCheckup
2011-06-04 20:55:39 ----RASH---- C:\Windows\SYSWOW64\MSVCP50G.dll
2011-06-04 18:57:50 ----D---- C:\Program Files\BatteryBar
2011-05-28 10:50:57 ----A---- C:\Windows\ntbtlog.txt
2011-05-27 21:13:42 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-24 20:47:13 ----D---- C:\Program Files (x86)\GamePark2
2011-05-22 20:39:31 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2011-05-22 20:39:21 ----A---- C:\Windows\SYSWOW64\pndx5032.dll
2011-05-22 20:39:21 ----A---- C:\Windows\SYSWOW64\pndx5016.dll
2011-05-22 20:39:11 ----D---- C:\ProgramData\Real
2011-05-22 20:39:11 ----D---- C:\Program Files (x86)\Real
2011-05-22 20:39:09 ----D---- C:\Users\David\AppData\Roaming\Real
2011-05-15 22:08:49 ----AH---- C:\Windows\system32\hamachi.sys
2011-05-15 22:02:53 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2011-05-13 22:18:25 ----D---- C:\Program Files (x86)\WinSCP
2011-05-12 21:02:41 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2011-05-12 21:02:21 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2011-05-12 21:02:16 ----D---- C:\Program Files\VirtualBox
2011-05-11 20:18:47 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-05-11 20:18:47 ----A---- C:\Windows\system32\poqexec.exe
2011-05-11 20:18:07 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-05-11 20:18:07 ----A---- C:\Windows\system32\d3d10_1.dll
2011-05-11 14:49:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-11 14:49:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-05-11 14:49:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-05-11 14:48:30 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-05-11 14:48:30 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 14:48:30 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 14:48:30 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 14:48:30 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 14:48:30 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-11 14:48:30 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-09 18:04:23 ----A---- C:\Windows\SYSWOW64\drivers\DKbFltr.sys
2011-05-09 18:02:25 ----A---- C:\Windows\system32\drivers\btwavdt.sys
2011-05-09 18:00:37 ----A---- C:\Windows\system32\drivers\L1E60x64.sys
2011-05-09 17:41:25 ----D---- C:\ProgramData\Uniblue
2011-05-08 12:27:46 ----D---- C:\Program Files (x86)\ICQ7.1
======List of files/folders modified in the last 1 months======
2011-06-04 23:22:03 ----D---- C:\Windows\Temp
2011-06-04 23:22:00 ----D---- C:\Program Files\trend micro
2011-06-04 22:56:45 ----D---- C:\Users\David\AppData\Roaming\Skype
2011-06-04 22:02:20 ----D---- C:\Windows\system32\config
2011-06-04 21:55:25 ----RD---- C:\Program Files (x86)
2011-06-04 21:25:50 ----D---- C:\Users\David\AppData\Roaming\ICQ
2011-06-04 21:23:08 ----D---- C:\Windows\system32\Tasks
2011-06-04 21:22:39 ----D---- C:\Windows
2011-06-04 21:22:07 ----D---- C:\Windows\system32\catroot2
2011-06-04 21:19:48 ----D---- C:\Windows\Tasks
2011-06-04 21:02:00 ----A---- C:\Windows\system32\AutoRunFilter.ini
2011-06-04 21:01:34 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-04 20:57:25 ----D---- C:\Windows\SYSWOW64\drivers
2011-06-04 20:55:39 ----D---- C:\Windows\SysWOW64
2011-06-04 19:50:57 ----D---- C:\Users\David\AppData\Roaming\BitComet
2011-06-04 19:20:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-06-04 18:58:13 ----D---- C:\Users\David\AppData\Roaming\FileZilla
2011-06-04 18:57:50 ----RD---- C:\Program Files
2011-06-04 16:05:08 ----D---- C:\Users\David\AppData\Roaming\skypePM
2011-06-04 10:56:26 ----D---- C:\Windows\System32
2011-06-04 10:56:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-04 10:56:25 ----D---- C:\Windows\inf
2011-06-04 00:08:09 ----D---- C:\Downloads
2011-06-03 22:00:46 ----SHD---- C:\System Volume Information
2011-06-03 21:12:27 ----D---- C:\Opera
2011-06-03 17:48:24 ----SHD---- C:\Windows\Installer
2011-06-03 17:48:24 ----D---- C:\Config.Msi
2011-05-28 10:57:22 ----D---- C:\Windows\system32\drivers
2011-05-28 10:57:20 ----D---- C:\Windows\winsxs
2011-05-27 21:08:03 ----D---- C:\Windows\system32\wfp
2011-05-27 21:08:01 ----D---- C:\Windows\system32\wbem
2011-05-27 21:07:04 ----D---- C:\Windows\system32\DriverStore
2011-05-27 21:07:04 ----D---- C:\Windows\system32\CodeIntegrity
2011-05-27 21:07:04 ----D---- C:\ProgramData\P4G
2011-05-27 21:06:58 ----D---- C:\Windows\registration
2011-05-25 15:23:07 ----D---- C:\Windows\system32\catroot
2011-05-24 23:13:36 ----D---- C:\Windows\system32\NDF
2011-05-24 20:51:27 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-05-24 19:34:50 ----A---- C:\Windows\mafosav.INI
2011-05-24 19:14:10 ----N---- C:\Windows\system32\MpSigStub.exe
2011-05-22 20:39:41 ----D---- C:\Program Files (x86)\Common Files
2011-05-22 20:39:20 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2011-05-22 20:39:16 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2011-05-22 20:39:16 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2011-05-22 20:39:11 ----D---- C:\ProgramData
2011-05-21 21:25:21 ----D---- C:\Users\David\AppData\Roaming\uTorrent
2011-05-21 21:18:59 ----D---- C:\Users\David\AppData\Roaming\GHISLER
2011-05-21 21:18:56 ----D---- C:\ProgramData\HP
2011-05-21 21:18:38 ----RD---- C:\Users
2011-05-21 21:18:37 ----SD---- C:\Users\David\AppData\Roaming\Microsoft
2011-05-21 21:18:36 ----D---- C:\Users\David\AppData\Roaming\IObit
2011-05-21 21:18:27 ----D---- C:\Program Files (x86)\IObit
2011-05-21 21:18:25 ----SHD---- C:\$RECYCLE.BIN
2011-05-21 21:10:06 ----D---- C:\Windows\Minidump
2011-05-21 00:39:41 ----D---- C:\Windows\debug
2011-05-21 00:38:44 ----D---- C:\Users\David\AppData\Roaming\Azureus
2011-05-20 17:42:33 ----A---- C:\Windows\system32\ServiceFilter.ini
2011-05-20 14:19:52 ----D---- C:\ProgramData\IObit
2011-05-15 18:40:32 ----A---- C:\Windows\clofghls.dll
2011-05-15 12:27:50 ----A---- C:\Windows\win.ini
2011-05-15 12:27:38 ----D---- C:\Windows\twain_32
2011-05-12 21:02:41 ----DC---- C:\Windows\system32\DRVSTORE
2011-05-12 20:33:12 ----D---- C:\Program Files (x86)\Adobe
2011-05-11 14:50:56 ----A---- C:\Windows\system32\MRT.exe
2011-05-10 07:43:12 ----D---- C:\Program Files\Microsoft Games
2011-05-09 17:52:53 ----D---- C:\Program Files\Elantech
2011-05-08 21:38:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-08 20:26:43 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2011-05-08 12:28:45 ----D---- C:\ProgramData\ICQ
2011-05-05 22:41:19 ----RSD---- C:\Windows\assembly
2011-05-05 21:08:51 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-05-05 17:30:51 ----D---- C:\Windows\rescache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-02-10 35384]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2009-02-03 75384]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2009-02-03 77432]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 14192]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2007-02-08 107384]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-04-08 513080]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2009-08-14 26624]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 157712]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2011-04-26 231600]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2011-04-26 56816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 168544]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-01 43168]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2011-05-09 25608]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x64.sys [2011-05-09 63016]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-05-29 25912]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2011-04-26 176560]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2006-07-10 22936]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-04-07 310728]
S2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2011-05-09 132648]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTCore;RTCore; \??\C:\Program Files (x86)\RMClock\RTCore.sys []
S3 RTCore64;RTCore64; \??\C:\Users\David\Downloads\rmclock_230_bin\RTCore64.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-10-15 35112]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-04-26 156912]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-04-21 352656]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 2111368]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 jswpbapi;JumpStart Push-Button Service; C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe [2009-08-14 265216]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-05-05 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-05-24 214520]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-05 136176]
S2 ioloFileInfoList;iolo FileInfoList Service; C:\Program Files (x86)\iolo\common\lib\ioloServiceManager.exe []
S2 sfrem02;FrontLine Drivers Auto Removal (v2); C:\Windows\system32\sfrem02.exe [2006-05-11 607352]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Hry\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 42360]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-05 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe [2009-08-14 954368]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
preventivka & problém z cpu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: preventivka & problém z cpu
Zdravim a pekny pozdni vecer preji 
Poprosim i o druhy log z RSIT s nazem info.txt, je ulozen v c:\rsit
Poprosim i o druhy log z RSIT s nazem info.txt, je ulozen v c:\rsit"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: preventivka & problém z cpu
info.txt logfile of random's system information tool 1.08 2011-03-16 19:06:25
======Uninstall list======
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
64 Bit HP CIO Components Installer-->MsiExec.exe /I{BE930E38-7BB3-45B6-85B2-5251F374F844}
7-Zip 4.65 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0465-000001000000}
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader 9.4.2 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}
Advanced SystemCare 3-->"C:\Program Files (x86)\IObit\Advanced SystemCare 3\unins000.exe"
Age of Empires II - The Conquerors - 1.0e Patch FINAL-->"D:\Hry\Age of Empires II\unins000.exe"
Age of Empires III-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
Air Conflicts-->D:\Hry\Air Conflicts\uninstall.exe
Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}\Setup.exe -runfromtemp -l0x0409
Angry Birds-->"D:\Hry\Angry Birds\uninstall.exe" "/U:D:\Hry\Angry Birds\Uninstall\uninstall.xml"
ArmA Uninstall-->D:\Hry\ArmA\UnInstall.exe
Ashampoo Burning Studio 2010-->"C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2010\unins000.exe"
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
ASUS AI Recovery-->MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}
ASUS AP Bank-->"C:\Program Files (x86)\ASUS\ASUS AP Bank\unins000.exe"
ASUS CopyProtect-->MsiExec.exe /I{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}
ASUS Data Security Manager-->MsiExec.exe /X{FA2092C5-7979-412D-A962-6485274AE1EE}
ASUS FancyStart-->MsiExec.exe /I{2B81872B-A054-48DA-BE3B-FA5C164C303A}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS MultiFrame-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9
ASUS Power4Gear Hybrid-->MsiExec.exe /I{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ASUS WebStorage-->C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe
ASUS_Screensaver-->C:\Windows\system32\ASUS_Screensaver.scr /u
ATK Generic Function Service-->C:\Program Files (x86)\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}
ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}
ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B}
aTube Catcher-->D:\aTube Catcher 2.0\uninstall.exe
Avencast-->"D:\Hry\Avencast\unins000.exe"
Bit Che-->"D:\Bit Che\unins000.exe"
BitComet 1.22-->D:\BitComet\uninst.exe
Blitzkrieg 2-->"D:\Hry\Blitzkrieg 2\unins000.exe"
Call of Duty(R) 2 Patch 1.3-->D:\Hry\Call of Duty 2\Uninst_Call of Duty(R) 2 Patch 1.3.exe /U "D:\Hry\Call of Duty 2\Uninst_Call of Duty(R) 2 Patch 1.3.log"
Call of Duty(R) 2-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
CoD 2 čeština 1.1-->"D:\Hry\Call of Duty 2\main\unins000.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conduit Engine-->C:\PROGRA~2\ConduitEngine\ConduitEngineUninstall.exe
ControlDeck-->MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}
ConvertXtoDVD 2.2.3.258h-->"C:\Program Files (x86)\VSO\ConvertXtoDVD\unins000.exe"
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Čeština Dragon Age Origins 1.00-->D:\Hry\Dragon Age\Uninstall.exe
Dragon Age: Origins-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Dragon Age.exe
Emergency 4-->"D:\Hry\Emergency 4\unins000.exe"
ETDWare PS/2-x64 7.0.5.9_WHQL-->C:\Program Files\Elantech\ETDUninst.exe
Euro Truck Simulator 1.00-->D:\Hry\Euro Truck Simulator\uninst.exe
EVEREST Ultimate Edition v5.50-->"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe"
F1 2010-->MsiExec.exe /I{434D0831-A4CC-401A-9E74-621000018401}
Farming Simulator 2011-->"D:\Hry\Farming Simulator 2011\unins000.exe"
Fast Boot-->MsiExec.exe /X{13F4A7F3-EABC-4261-AF6B-1317777F0755}
Feedback Tool-->MsiExec.exe /I{13A5E785-5197-4EAD-8EE3-D660271E49BC}
FM Screen Capture Codec (Remove Only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\fmcodec.inf
FormatFactory 2.50-->D:\FormatFactory 2.30\uninst.exe
Fraps-->"D:\Fraps\uninstall.exe"
Game Park Console-->"C:\Program Files (x86)\Asus\Game Park\GameConsole\unins000.exe"
GamePark-->D:\GamePark\unins000.exe
GMail Drive Shell Extension-->rundll32.exe C:\Windows\system32\ShellExt\GMailFS64.dll,Uninstall C:\Windows\system32\ShellExt\GMailFS.inf
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Gothic III-->"C:\Program Files (x86)\InstallShield Installation Information\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}\setup.exe"
GTA San Andreas-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Hidden and Dangerous Deluxe-->"D:\Hry\Hidden and Dangerous Deluxe\Bin\IIUninst.exe" D:\Hry\Hidden and Dangerous Deluxe\Bin\install.log
HP Customer Participation Program 14.0-->C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6-->C:\Program Files (x86)\HP\Digital Imaging\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}\setup\hpzscr40.exe -datfile hposcr46.dat -onestop -forcereboot
HP Imaging Device Functions 14.0-->C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Smart Web Printing 4.60-->C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 14.0-->C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{74DC0593-6BC6-4001-AD5F-D810AFB68D86}
HyperCam 2-->D:\HyCam2\UnHyCam2.exe
HyperCam Toolbar-->C:\Program Files (x86)\HyperCam Toolbar\UninstallToolbar.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
ICQ Toolbar-->C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.1-->"C:\Program Files (x86)\InstallShield Installation Information\{71BFC818-0CED-42D6-9C87-5142918957EE}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
Korea: Forgotten Conflict-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EDA827F5-C014-4161-918D-3EEF16A2B167}\setup.exe" -l0x5
Mafia Game-->C:\Windows\system32\MafiaSetup.exe
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Max Payne 2-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}\Setup.exe" -l0x9
Medal of Honor Allied Assault v 1.0.0.1-->"D:\Hry\Medal of Honor - Allied Assault\unins000.exe"
Medal of Honor Allied Assault-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x9
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Age of Empires II: The Conquerors Expansion-->"D:\Hry\Age of Empires II\UNINSTALX.EXE" /runtemp /addremove
Microsoft Age of Empires II-->"D:\Hry\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ Run Time Lib Setup-->MsiExec.exe /I{AAF4238F-7C29-451D-9925-C753271A5728}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Might and Magic® IX-->C:\Windows\IsUninst.exe -f"D:\Hry\Might and Magic IX\Might and Magic IX.isu" -c"C:\Program Files (x86)\Common Files\3DO Shared\3DOUnInst.dll
MiniTool Power Data Recovery-->"C:\Program Files (x86)\PowerDataRecovery\unins000.exe"
Mirror's Edge™-->MsiExec.exe /X{AEDBD563-24BB-4EE3-8366-A654DAC2D988}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
NB Probe-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\Setup.exe" -l0x9
Need for Speed Underground 2-->D:\Hry\Need for Speed Underground 2\EAUninstall.exe
Need for Speed™ Carbon-->D:\Hry\Need for Speed Carbon\EAUninstall.exe
Net4Switch-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D6D7811-43B3-463C-BC79-5D1755269989}\setup.exe" -l0x9
Network Play System (Patching)-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Electronic Arts\Network Play System\NPSPatch.isu"
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
Opera 11.00-->"D:\Opera 11.00 beta\Opera.exe" /uninstall
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
PC Inspector smart recovery-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C9A87D86-FDFD-418B-BF96-EF09320973B3}\Setup.exe" -l0x9
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDFCreator-->D:\PDFCreator\unins000.exe
Piggly-->"C:\Program Files (x86)\Asus\Game Park\Piggly\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Piggly\install.log"
Prince of Persia Warrior Within-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EE5BC0BB-9EDA-423C-8276-48857B735D68}\setup.exe" -l0x9
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Punské války-->D:\Hry\Punské války\Uninstall.exe "Punské války"
QSS Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{153898EE-EECA-471E-8E33-C8485EA84C07}\setup.exe" -runfromtemp -l0x0009 -removeonly
QuickStores-Toolbar 1.0.0-->"C:\Users\David\AppData\Roaming\QuickStoresToolbar\unins000.exe"
Recuva-->"C:\Program Files\Recuva\uninst.exe"
Rise of Nations-->"D:\Hry\Rise of Nations\Uninstal.exe" /runtemp /uninstall
RocketDock 1.3.5-->"C:\Program Files (x86)\RocketDock\unins000.exe"
S.T.A.L.K.E.R. - Shadow of Chernobyl-->"D:\Hry\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe"
San Andreas Mod Installer-->C:\Windows\iun6002ev.exe "D:\Hry\GTA San Andreas\San Andreas Mod Installer\irunin.ini"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Serious Sam 2-->D:\Hry\Serious Sam 2\Bin\Uninstall.exe
Shop for HP Supplies-->C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Smileyville-->"C:\Program Files (x86)\Asus\Game Park\Smileyville\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Smileyville\install.log"
Soldiers of Anarchy-->D:\Hry\Soldiers of Anarchy\UnInstall.exe
SPORE™-->"C:\Program Files (x86)\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x0005 -removeonly
SRS Premium Sound Control Panel-->MsiExec.exe /I{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}
SWAT 4-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall
System Requirements Lab CYRI-->MsiExec.exe /I{679F739E-5C76-4A41-B562-F9392156B6DD}
System Requirements Lab-->MsiExec.exe /I{9E1BAB75-EB78-440D-94C0-A3857BE2E733}
TeamViewer 5-->D:\TeamViewer\Version5\uninstall.exe
TeamViewer 6-->C:\Program Files (x86)\TeamViewer\Version6\uninstall.exe
The Matrix Reloaded-->C:\Program Files\The Matrix Reloaded\uninst.exe
The Matrix Trilogy 3D Code Screen Saver v3.4-->"C:\Program Files (x86)\UselessCreations\Matrix3D\uninst.exe"
Tomb Raider: Anniversary 1.0-->D:\Hry\Tomb Raider - Anniversary\uninsttra.exe
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Traktor Simulátor-->"D:\Hry\Traktor Simulátor\unins000.exe"
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
VDownloader 2.7.322-->"D:\VDownloader\unins000.exe"
VIA Platform Device Manager-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}
Vuze Remote Toolbar-->C:\PROGRA~2\Vuze_Remote\UNWISE.EXE /U C:\PROGRA~2\Vuze_Remote\INSTALL.LOG
Vuze-->C:\Program Files (x86)\Vuze\uninstall.exe
Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}
Windows Live Fotogalerie-->MsiExec.exe /X{A13DE9CB-8C84-4889-B114-C5A9661F844E}
Windows Live Mail-->MsiExec.exe /I{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}
Windows Live Messenger-->MsiExec.exe /X{20D0CDB1-5F03-4A5D-86EB-7C218053B157}
Windows Live Sync-->MsiExec.exe /X{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}
Windows Live Toolbar-->MsiExec.exe /X{CF22161D-0E1B-489E-BBC8-684055836FE9}
Windows Live Writer-->MsiExec.exe /X{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}
Windows Live Zabezpečení rodiny-->MsiExec.exe /X{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======System event log======
Computer Name: David-PC
Event Code: 7036
Message: Stav služby Služba seznamu sítí byl změněn na: Spuštěno
Record Number: 99186
Source Name: Service Control Manager
Time Written: 20101209144358.767351-000
Event Type: Informace
User:
Computer Name: David-PC
Event Code: 7036
Message: Stav služby Služba inteligentního přenosu na pozadí byl změněn na: Spuštěno
Record Number: 99185
Source Name: Service Control Manager
Time Written: 20101209144358.455350-000
Event Type: Informace
User:
Computer Name: David-PC
Event Code: 7036
Message: Stav služby ADSM Service byl změněn na: Spuštěno
Record Number: 99184
Source Name: Service Control Manager
Time Written: 20101209144358.143350-000
Event Type: Informace
User:
Computer Name: David-PC
Event Code: 7026
Message: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sfsync02
Record Number: 99183
Source Name: Service Control Manager
Time Written: 20101209144356.676947-000
Event Type: Chyba
User:
Computer Name: David-PC
Event Code: 7036
Message: Stav služby Server byl změněn na: Spuštěno
Record Number: 99182
Source Name: Service Control Manager
Time Written: 20101209144356.489747-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: David-PC
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 5524
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100518072713.333645-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: David-PC
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 5523
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100518072713.000000-000
Event Type: Informace
User:
Computer Name: David-PC
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 5522
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100518072631.815912-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: David-PC
Event Code: 1
Message:
Record Number: 5521
Source Name: avg9emc
Time Written: 20100518072631.000000-000
Event Type: Informace
User:
Computer Name: David-PC
Event Code: 1530
Message: Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně.
PODROBNOSTI –
5 user registry handles leaked from \Registry\User\S-1-5-21-2239340465-1001483360-3508777747-1000:
Process 1416 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-2239340465-1001483360-3508777747-1000
Process 1416 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-2239340465-1001483360-3508777747-1000
Process 1416 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-2239340465-1001483360-3508777747-1000
Process 1416 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 1416 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Windows\CurrentVersion\Explorer
Record Number: 5520
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100518072628.212306-000
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: David-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DAVID-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x24c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 12341
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100826053111.661245-000
Event Type: Úspěšný audit
User:
Computer Name: David-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Oprávnění: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 12340
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100826053111.427245-000
Event Type: Úspěšný audit
User:
Computer Name: David-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DAVID-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x24c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 12339
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100826053111.427245-000
Event Type: Úspěšný audit
User:
Computer Name: David-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-20
Název účtu: NETWORK SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e4
Oprávnění: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 12338
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100826053111.333645-000
Event Type: Úspěšný audit
User:
Computer Name: David-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DAVID-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-20
Název účtu: NETWORK SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e4
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x24c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 12337
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100826053111.333645-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"configsetroot"=%SystemRoot%\ConfigSetRoot
-----------------EOF-----------------
======Uninstall list======
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
64 Bit HP CIO Components Installer-->MsiExec.exe /I{BE930E38-7BB3-45B6-85B2-5251F374F844}
7-Zip 4.65 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0465-000001000000}
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader 9.4.2 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}
Advanced SystemCare 3-->"C:\Program Files (x86)\IObit\Advanced SystemCare 3\unins000.exe"
Age of Empires II - The Conquerors - 1.0e Patch FINAL-->"D:\Hry\Age of Empires II\unins000.exe"
Age of Empires III-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
Air Conflicts-->D:\Hry\Air Conflicts\uninstall.exe
Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}\Setup.exe -runfromtemp -l0x0409
Angry Birds-->"D:\Hry\Angry Birds\uninstall.exe" "/U:D:\Hry\Angry Birds\Uninstall\uninstall.xml"
ArmA Uninstall-->D:\Hry\ArmA\UnInstall.exe
Ashampoo Burning Studio 2010-->"C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2010\unins000.exe"
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
ASUS AI Recovery-->MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}
ASUS AP Bank-->"C:\Program Files (x86)\ASUS\ASUS AP Bank\unins000.exe"
ASUS CopyProtect-->MsiExec.exe /I{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}
ASUS Data Security Manager-->MsiExec.exe /X{FA2092C5-7979-412D-A962-6485274AE1EE}
ASUS FancyStart-->MsiExec.exe /I{2B81872B-A054-48DA-BE3B-FA5C164C303A}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS MultiFrame-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9
ASUS Power4Gear Hybrid-->MsiExec.exe /I{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ASUS WebStorage-->C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe
ASUS_Screensaver-->C:\Windows\system32\ASUS_Screensaver.scr /u
ATK Generic Function Service-->C:\Program Files (x86)\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}
ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}
ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B}
aTube Catcher-->D:\aTube Catcher 2.0\uninstall.exe
Avencast-->"D:\Hry\Avencast\unins000.exe"
Bit Che-->"D:\Bit Che\unins000.exe"
BitComet 1.22-->D:\BitComet\uninst.exe
Blitzkrieg 2-->"D:\Hry\Blitzkrieg 2\unins000.exe"
Call of Duty(R) 2 Patch 1.3-->D:\Hry\Call of Duty 2\Uninst_Call of Duty(R) 2 Patch 1.3.exe /U "D:\Hry\Call of Duty 2\Uninst_Call of Duty(R) 2 Patch 1.3.log"
Call of Duty(R) 2-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
CoD 2 čeština 1.1-->"D:\Hry\Call of Duty 2\main\unins000.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conduit Engine-->C:\PROGRA~2\ConduitEngine\ConduitEngineUninstall.exe
ControlDeck-->MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}
ConvertXtoDVD 2.2.3.258h-->"C:\Program Files (x86)\VSO\ConvertXtoDVD\unins000.exe"
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Čeština Dragon Age Origins 1.00-->D:\Hry\Dragon Age\Uninstall.exe
Dragon Age: Origins-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Dragon Age.exe
Emergency 4-->"D:\Hry\Emergency 4\unins000.exe"
ETDWare PS/2-x64 7.0.5.9_WHQL-->C:\Program Files\Elantech\ETDUninst.exe
Euro Truck Simulator 1.00-->D:\Hry\Euro Truck Simulator\uninst.exe
EVEREST Ultimate Edition v5.50-->"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe"
F1 2010-->MsiExec.exe /I{434D0831-A4CC-401A-9E74-621000018401}
Farming Simulator 2011-->"D:\Hry\Farming Simulator 2011\unins000.exe"
Fast Boot-->MsiExec.exe /X{13F4A7F3-EABC-4261-AF6B-1317777F0755}
Feedback Tool-->MsiExec.exe /I{13A5E785-5197-4EAD-8EE3-D660271E49BC}
FM Screen Capture Codec (Remove Only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\fmcodec.inf
FormatFactory 2.50-->D:\FormatFactory 2.30\uninst.exe
Fraps-->"D:\Fraps\uninstall.exe"
Game Park Console-->"C:\Program Files (x86)\Asus\Game Park\GameConsole\unins000.exe"
GamePark-->D:\GamePark\unins000.exe
GMail Drive Shell Extension-->rundll32.exe C:\Windows\system32\ShellExt\GMailFS64.dll,Uninstall C:\Windows\system32\ShellExt\GMailFS.inf
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Gothic III-->"C:\Program Files (x86)\InstallShield Installation Information\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}\setup.exe"
GTA San Andreas-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Hidden and Dangerous Deluxe-->"D:\Hry\Hidden and Dangerous Deluxe\Bin\IIUninst.exe" D:\Hry\Hidden and Dangerous Deluxe\Bin\install.log
HP Customer Participation Program 14.0-->C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6-->C:\Program Files (x86)\HP\Digital Imaging\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}\setup\hpzscr40.exe -datfile hposcr46.dat -onestop -forcereboot
HP Imaging Device Functions 14.0-->C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Smart Web Printing 4.60-->C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 14.0-->C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{74DC0593-6BC6-4001-AD5F-D810AFB68D86}
HyperCam 2-->D:\HyCam2\UnHyCam2.exe
HyperCam Toolbar-->C:\Program Files (x86)\HyperCam Toolbar\UninstallToolbar.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
ICQ Toolbar-->C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.1-->"C:\Program Files (x86)\InstallShield Installation Information\{71BFC818-0CED-42D6-9C87-5142918957EE}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
Korea: Forgotten Conflict-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EDA827F5-C014-4161-918D-3EEF16A2B167}\setup.exe" -l0x5
Mafia Game-->C:\Windows\system32\MafiaSetup.exe
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Max Payne 2-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}\Setup.exe" -l0x9
Medal of Honor Allied Assault v 1.0.0.1-->"D:\Hry\Medal of Honor - Allied Assault\unins000.exe"
Medal of Honor Allied Assault-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x9
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Age of Empires II: The Conquerors Expansion-->"D:\Hry\Age of Empires II\UNINSTALX.EXE" /runtemp /addremove
Microsoft Age of Empires II-->"D:\Hry\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ Run Time Lib Setup-->MsiExec.exe /I{AAF4238F-7C29-451D-9925-C753271A5728}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Might and Magic® IX-->C:\Windows\IsUninst.exe -f"D:\Hry\Might and Magic IX\Might and Magic IX.isu" -c"C:\Program Files (x86)\Common Files\3DO Shared\3DOUnInst.dll
MiniTool Power Data Recovery-->"C:\Program Files (x86)\PowerDataRecovery\unins000.exe"
Mirror's Edge™-->MsiExec.exe /X{AEDBD563-24BB-4EE3-8366-A654DAC2D988}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
NB Probe-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\Setup.exe" -l0x9
Need for Speed Underground 2-->D:\Hry\Need for Speed Underground 2\EAUninstall.exe
Need for Speed™ Carbon-->D:\Hry\Need for Speed Carbon\EAUninstall.exe
Net4Switch-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D6D7811-43B3-463C-BC79-5D1755269989}\setup.exe" -l0x9
Network Play System (Patching)-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Electronic Arts\Network Play System\NPSPatch.isu"
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
Opera 11.00-->"D:\Opera 11.00 beta\Opera.exe" /uninstall
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
PC Inspector smart recovery-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C9A87D86-FDFD-418B-BF96-EF09320973B3}\Setup.exe" -l0x9
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDFCreator-->D:\PDFCreator\unins000.exe
Piggly-->"C:\Program Files (x86)\Asus\Game Park\Piggly\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Piggly\install.log"
Prince of Persia Warrior Within-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EE5BC0BB-9EDA-423C-8276-48857B735D68}\setup.exe" -l0x9
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Punské války-->D:\Hry\Punské války\Uninstall.exe "Punské války"
QSS Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{153898EE-EECA-471E-8E33-C8485EA84C07}\setup.exe" -runfromtemp -l0x0009 -removeonly
QuickStores-Toolbar 1.0.0-->"C:\Users\David\AppData\Roaming\QuickStoresToolbar\unins000.exe"
Recuva-->"C:\Program Files\Recuva\uninst.exe"
Rise of Nations-->"D:\Hry\Rise of Nations\Uninstal.exe" /runtemp /uninstall
RocketDock 1.3.5-->"C:\Program Files (x86)\RocketDock\unins000.exe"
S.T.A.L.K.E.R. - Shadow of Chernobyl-->"D:\Hry\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe"
San Andreas Mod Installer-->C:\Windows\iun6002ev.exe "D:\Hry\GTA San Andreas\San Andreas Mod Installer\irunin.ini"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Serious Sam 2-->D:\Hry\Serious Sam 2\Bin\Uninstall.exe
Shop for HP Supplies-->C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Smileyville-->"C:\Program Files (x86)\Asus\Game Park\Smileyville\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Smileyville\install.log"
Soldiers of Anarchy-->D:\Hry\Soldiers of Anarchy\UnInstall.exe
SPORE™-->"C:\Program Files (x86)\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x0005 -removeonly
SRS Premium Sound Control Panel-->MsiExec.exe /I{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}
SWAT 4-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall
System Requirements Lab CYRI-->MsiExec.exe /I{679F739E-5C76-4A41-B562-F9392156B6DD}
System Requirements Lab-->MsiExec.exe /I{9E1BAB75-EB78-440D-94C0-A3857BE2E733}
TeamViewer 5-->D:\TeamViewer\Version5\uninstall.exe
TeamViewer 6-->C:\Program Files (x86)\TeamViewer\Version6\uninstall.exe
The Matrix Reloaded-->C:\Program Files\The Matrix Reloaded\uninst.exe
The Matrix Trilogy 3D Code Screen Saver v3.4-->"C:\Program Files (x86)\UselessCreations\Matrix3D\uninst.exe"
Tomb Raider: Anniversary 1.0-->D:\Hry\Tomb Raider - Anniversary\uninsttra.exe
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Traktor Simulátor-->"D:\Hry\Traktor Simulátor\unins000.exe"
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
VDownloader 2.7.322-->"D:\VDownloader\unins000.exe"
VIA Platform Device Manager-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}
Vuze Remote Toolbar-->C:\PROGRA~2\Vuze_Remote\UNWISE.EXE /U C:\PROGRA~2\Vuze_Remote\INSTALL.LOG
Vuze-->C:\Program Files (x86)\Vuze\uninstall.exe
Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}
Windows Live Fotogalerie-->MsiExec.exe /X{A13DE9CB-8C84-4889-B114-C5A9661F844E}
Windows Live Mail-->MsiExec.exe /I{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}
Windows Live Messenger-->MsiExec.exe /X{20D0CDB1-5F03-4A5D-86EB-7C218053B157}
Windows Live Sync-->MsiExec.exe /X{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}
Windows Live Toolbar-->MsiExec.exe /X{CF22161D-0E1B-489E-BBC8-684055836FE9}
Windows Live Writer-->MsiExec.exe /X{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}
Windows Live Zabezpečení rodiny-->MsiExec.exe /X{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======System event log======
Computer Name: David-PC
Event Code: 7036
Message: Stav služby Služba seznamu sítí byl změněn na: Spuštěno
Record Number: 99186
Source Name: Service Control Manager
Time Written: 20101209144358.767351-000
Event Type: Informace
User:
Computer Name: David-PC
Event Code: 7036
Message: Stav služby Služba inteligentního přenosu na pozadí byl změněn na: Spuštěno
Record Number: 99185
Source Name: Service Control Manager
Time Written: 20101209144358.455350-000
Event Type: Informace
User:
Computer Name: David-PC
Event Code: 7036
Message: Stav služby ADSM Service byl změněn na: Spuštěno
Record Number: 99184
Source Name: Service Control Manager
Time Written: 20101209144358.143350-000
Event Type: Informace
User:
Computer Name: David-PC
Event Code: 7026
Message: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sfsync02
Record Number: 99183
Source Name: Service Control Manager
Time Written: 20101209144356.676947-000
Event Type: Chyba
User:
Computer Name: David-PC
Event Code: 7036
Message: Stav služby Server byl změněn na: Spuštěno
Record Number: 99182
Source Name: Service Control Manager
Time Written: 20101209144356.489747-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: David-PC
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 5524
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100518072713.333645-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: David-PC
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 5523
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100518072713.000000-000
Event Type: Informace
User:
Computer Name: David-PC
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 5522
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100518072631.815912-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: David-PC
Event Code: 1
Message:
Record Number: 5521
Source Name: avg9emc
Time Written: 20100518072631.000000-000
Event Type: Informace
User:
Computer Name: David-PC
Event Code: 1530
Message: Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně.
PODROBNOSTI –
5 user registry handles leaked from \Registry\User\S-1-5-21-2239340465-1001483360-3508777747-1000:
Process 1416 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-2239340465-1001483360-3508777747-1000
Process 1416 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-2239340465-1001483360-3508777747-1000
Process 1416 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-2239340465-1001483360-3508777747-1000
Process 1416 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 1416 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Windows\CurrentVersion\Explorer
Record Number: 5520
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100518072628.212306-000
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: David-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DAVID-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x24c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 12341
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100826053111.661245-000
Event Type: Úspěšný audit
User:
Computer Name: David-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
Oprávnění: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 12340
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100826053111.427245-000
Event Type: Úspěšný audit
User:
Computer Name: David-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DAVID-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x24c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 12339
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100826053111.427245-000
Event Type: Úspěšný audit
User:
Computer Name: David-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-20
Název účtu: NETWORK SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e4
Oprávnění: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 12338
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100826053111.333645-000
Event Type: Úspěšný audit
User:
Computer Name: David-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DAVID-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-20
Název účtu: NETWORK SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e4
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x24c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 12337
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100826053111.333645-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"configsetroot"=%SystemRoot%\ConfigSetRoot
-----------------EOF-----------------
Re: preventivka & problém z cpu
Stahnete na plochu CKScanner
- Spustte a kliknete na Search for files
- Po dokonceni skenu kliknete na Save List to File a nasledne OK
- Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
netsvcs drivers32 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s c:\windows\*.* /U %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s /md5start adp3132.sys AGP440.sys ahcix86.sys ahcix86s.sys atapi.sys autochk.exe cdrom.sys cngaudit.dll cryptsvc.dll eNetHook.dll eventlog.dll explorer.exe hal.dll Changer.sys iaStor.sys iastorv.sys IdeChnDr.sys isapnp.sys JakNDis.sys KR10N.sys logevent.dll lsass.exe mv61xx.sys ndis.sys netlogon.dll ntelogon.dll nvata.sys nvatabus.sys nvgts.sys nvraid.sys nvrd32.sys nvstor.sys nvstor32.sys scecli.dll sceclt.dll smss.exe svchost.exe symmpi.sys tcpip.sys userinit.exe vaxscsi.sys viamraid.sys viasraid.sys ViPrt.sys winlogon.exe ws2_32.dll /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 CREATERESTOREPOINT- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: preventivka & problém z cpu
ckfiles
CKScanner - Additional Security Risks - These are not necessarily bad
c:\users\david\documents\icq\573759159\receivedfiles\378157094 dh\mafia.ii.crackfix-skidrow.rar
scanner sequence 3.AP.11
----- EOF -----
CKScanner - Additional Security Risks - These are not necessarily bad
c:\users\david\documents\icq\573759159\receivedfiles\378157094 dh\mafia.ii.crackfix-skidrow.rar
scanner sequence 3.AP.11
----- EOF -----
Re: preventivka & problém z cpu
A jeste poprosim o proedeni OTL
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: preventivka & problém z cpu
jj, jak to doskenu tak to tu hodím
Re: preventivka & problém z cpu
OLT
OTL logfile created on: 5.6.2011 0:17:30 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\David\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3.97 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 29.20% Memory free
7.93 Gb Paging File | 4.93 Gb Available in Paging File | 62.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 63.72 Gb Free Space | 54.73% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 97.11 Gb Free Space | 29.02% Space Free | Partition Type: NTFS
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.06.05 00:16:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
PRC - [2011.06.04 23:53:46 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2011.06.03 17:48:18 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.57\GoogleCrashHandler.exe
PRC - [2011.05.29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.05.22 20:39:17 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011.05.16 16:00:50 | 000,399,872 | ---- | M] (Allstar Group, s.r.o.) -- C:\Program Files (x86)\GamePark2\gpcl.exe
PRC - [2011.05.05 21:08:51 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.04.21 16:54:38 | 000,352,656 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011.04.17 20:36:27 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\David\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
PRC - [2011.04.15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.03.28 15:41:14 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.02.02 19:23:22 | 000,525,312 | ---- | M] (Blacksun Software) -- C:\Program Files (x86)\Mousotron\Mousotron.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011.01.20 11:20:04 | 000,313,152 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2011.01.05 10:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.1\ICQ.exe
PRC - [2010.09.01 06:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010.03.31 00:00:00 | 002,465,888 | ---- | M] (Lavalys, Inc.) -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
PRC - [2010.02.10 20:31:32 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010.01.05 03:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.11.24 23:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.11.03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.09.24 12:40:48 | 000,032,871 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe
PRC - [2009.08.20 06:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009.08.17 19:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009.08.13 00:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009.07.31 20:38:26 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2009.07.31 20:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.06.19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.08.14 06:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008.03.31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.11.30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2007.08.08 10:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2006.05.01 17:09:50 | 001,974,272 | ---- | M] () -- D:\Hry\Call of Duty 2\CoD2MP_s.exe
========== Modules (SafeList) ==========
MOD - [2011.06.05 00:16:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.08.12 14:18:40 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009.12.08 02:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.08.08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV:64bit: - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV:64bit: - [2006.05.11 18:43:34 | 000,607,352 | ---- | M] (Protection Technology (StarForce)) [Auto | Stopped] -- C:\Windows\SysNative\sfrem02.exe -- (sfrem02)
SRV - [2011.06.04 23:53:46 | 000,214,520 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.05.05 21:08:51 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.04.21 16:54:38 | 000,352,656 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011.04.15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.03.28 15:41:12 | 002,111,368 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.12.28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.30 01:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.09.15 03:03:42 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009.08.14 18:12:34 | 000,954,368 | ---- | M] (Wireless) [On_Demand | Stopped] -- C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe -- (jswpsapi)
SRV - [2009.08.14 18:12:34 | 000,265,216 | ---- | M] (Wireless) [Auto | Running] -- C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe -- (jswpbapi)
SRV - [2009.07.26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- D:\Hry\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.03.31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.05.09 18:02:25 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011.05.09 18:00:37 | 000,063,016 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E60x64.sys -- (L1E)
DRV:64bit: - [2011.04.26 14:37:38 | 000,156,912 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2011.04.08 07:37:30 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.04.07 22:31:02 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.10.15 16:23:41 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2010.07.29 13:31:26 | 000,168,544 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.07.29 13:31:26 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.07.29 13:31:26 | 000,126,320 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.07.01 15:35:54 | 000,043,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.01.05 20:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2009.10.15 11:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009.10.05 03:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.09.01 14:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009.08.21 08:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.08.14 18:12:34 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 10:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.06.18 22:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 12:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009.05.13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.02.03 17:40:13 | 000,077,432 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV:64bit: - [2009.02.03 17:37:50 | 000,075,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2008.12.08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008.05.24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007.07.24 21:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:64bit: - [2007.02.08 19:47:24 | 000,107,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV:64bit: - [2006.07.10 18:21:22 | 000,022,936 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV:64bit: - [2006.06.14 16:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2010.10.17 13:40:48 | 000,165,376 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\atksgt.sys -- (atksgt)
DRV - [2010.10.17 13:40:48 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.03.31 00:00:00 | 000,026,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 -- (EverestDriver)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{3E6 ... 38A10A0497}
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.8&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.24 20:18:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.05.27 21:07:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.04 19:20:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.09.26 21:42:39 | 000,000,000 | ---D | M]
[2011.04.14 21:30:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Extensions
[2011.05.10 18:52:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions
[2011.05.10 18:52:08 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.08 11:02:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions
[2011.05.08 12:28:53 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.08 11:02:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions
[2011.05.08 12:28:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.11.24 22:38:17 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011.03.14 18:08:40 | 000,000,168 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\searchplugins\icqplugin.gif
[2011.05.29 21:57:28 | 000,000,947 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\searchplugins\icqplugin.xml
[2011.04.14 21:28:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
[2011.05.27 21:07:00 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011.03.18 19:55:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.04.17 14:48:21 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - No CLSID value found.
O2 - BHO: (no name) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [jswtrayutil] C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [Mousotron] C:\Program Files (x86)\Mousotron\Mousotron.exe (Blacksun Software)
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [RESTART_STICKY_NOTES] File not found
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [ShowBatteryBar] C:\Program Files\BatteryBar\ShowBatteryBar.exe ()
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [uTorrent] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\David\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\David\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: 使用快车3下载 - C:\Users\David\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\David\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://d1ylr6sba64qi3.cloudfront.net/gl ... 1.71.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.co ... 4.13.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.27 08:04:52 | 000,000,000 | ---D | M] - D:\Autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.IV41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 7 Days ==========
[2011.06.05 00:16:24 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2011.06.04 21:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DiskCheckup
[2011.06.04 21:35:55 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cooliris
[2011.06.04 21:35:54 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Cooliris
[2011.06.04 18:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\BatteryBar
[2010.10.03 13:43:32 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\David\AppData\Roaming\pcouffin.sys
[2008.08.12 07:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[16 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.06.05 00:16:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2011.06.05 00:04:30 | 000,453,632 | ---- | M] () -- C:\Users\David\Desktop\CKScanner.exe
[2011.06.04 23:53:46 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.06.04 23:53:46 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.04 23:53:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.04 23:46:53 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.04 23:46:53 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.04 23:45:09 | 000,639,986 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.06.04 23:45:09 | 000,624,776 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.04 23:45:09 | 000,126,866 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.06.04 23:45:09 | 000,110,414 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.04 23:45:08 | 001,497,666 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.04 23:41:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000UA.job
[2011.06.04 23:39:33 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.04 23:39:22 | 000,000,304 | -HS- | M] () -- C:\Windows\tasks\nsuttpu.job
[2011.06.04 23:39:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.04 23:39:05 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.04 21:02:00 | 000,002,926 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011.06.04 20:55:39 | 000,077,824 | RHS- | M] () -- C:\Windows\SysWow64\MSVCP50G.dll
[2011.06.04 00:00:00 | 000,832,273 | ---- | M] () -- C:\Users\David\Desktop\RSITx64.exe
[2011.06.03 19:04:27 | 000,228,082 | ---- | M] () -- C:\Windows\hpoins46.dat
[2011.06.02 23:27:46 | 000,003,865 | ---- | M] () -- C:\Users\David\Desktop\DesktopOK.ini
[2011.06.02 20:41:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000Core.job
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[16 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.06.05 00:04:23 | 000,453,632 | ---- | C] () -- C:\Users\David\Desktop\CKScanner.exe
[2011.06.04 20:55:39 | 000,077,824 | RHS- | C] () -- C:\Windows\SysWow64\MSVCP50G.dll
[2011.06.04 20:55:39 | 000,000,304 | -HS- | C] () -- C:\Windows\tasks\nsuttpu.job
[2011.06.04 00:00:00 | 000,832,273 | ---- | C] () -- C:\Users\David\Desktop\RSITx64.exe
[2011.05.13 22:34:49 | 000,000,600 | ---- | C] () -- C:\Users\David\AppData\Roaming\winscp.rnd
[2011.04.17 11:36:42 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.04.17 11:36:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.04.17 11:36:42 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.04.17 11:36:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.04.17 11:36:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.04.06 20:57:06 | 000,000,600 | ---- | C] () -- C:\Users\David\AppData\Local\PUTTY.RND
[2011.03.30 20:14:53 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.03.15 00:44:02 | 001,386,496 | ---- | C] () -- C:\Windows\SysWow64\GLaux.dll
[2011.02.01 22:17:58 | 001,521,644 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.24 21:32:03 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2010.12.24 20:02:43 | 000,228,082 | ---- | C] () -- C:\Windows\hpoins46.dat
[2010.12.12 11:41:09 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2010.11.22 21:08:40 | 000,000,501 | ---- | C] () -- C:\Windows\eReg.dat
[2010.10.17 13:39:10 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\drivers\atksgt.sys
[2010.10.17 13:39:10 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\lirsgt.sys
[2010.10.15 20:51:39 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010.10.15 20:51:39 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010.10.15 20:51:39 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010.10.10 15:42:40 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2010.10.03 21:37:04 | 000,044,544 | ---- | C] () -- C:\Windows\SysWow64\Gif89.dll
[2010.10.03 14:25:17 | 000,004,096 | -H-- | C] () -- C:\Users\David\AppData\Local\keyfile3.drm
[2010.10.03 13:43:32 | 000,007,859 | ---- | C] () -- C:\Users\David\AppData\Roaming\pcouffin.cat
[2010.10.03 13:43:32 | 000,001,167 | ---- | C] () -- C:\Users\David\AppData\Roaming\pcouffin.inf
[2010.10.03 13:39:14 | 000,001,057 | ---- | C] () -- C:\Users\David\AppData\Roaming\vso_ts_preview.xml
[2010.10.02 22:37:40 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2010.09.24 22:10:03 | 000,014,658 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.08.30 08:08:49 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.08.17 08:23:21 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2010.07.31 23:26:49 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.07.20 05:39:02 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010.07.20 05:39:00 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010.07.20 05:39:00 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010.07.05 21:40:33 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010.07.05 09:08:03 | 000,000,024 | ---- | C] () -- C:\Windows\clofghls.dll
[2010.07.04 20:31:36 | 000,000,052 | ---- | C] () -- C:\Windows\mafosav.INI
[2010.06.28 22:42:05 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2010.06.25 11:59:21 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.06.23 21:23:10 | 000,000,012 | ---- | C] () -- C:\Windows\SysWow64\USERDATA.DAT
[2010.06.16 20:21:14 | 000,007,658 | ---- | C] () -- C:\Users\David\AppData\Local\resmon.resmoncfg
[2010.06.13 20:54:57 | 000,000,204 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2010.06.13 20:52:50 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.06.12 21:36:40 | 000,015,386 | ---- | C] () -- C:\Windows\SysWow64\BestTimes.dat
[2010.06.07 14:30:53 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.06.07 14:30:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.05.23 10:00:41 | 000,843,892 | ---- | C] () -- C:\Windows\SysWow64\python22.dll
[2010.05.23 09:57:08 | 001,672,281 | ---- | C] () -- C:\Windows\SysWow64\metin2_patcher.exe
[2010.05.21 22:20:11 | 000,202,240 | ---- | C] () -- C:\Windows\SysWow64\patchw32.dll
[2010.05.21 22:19:08 | 000,349,696 | ---- | C] () -- C:\Windows\SysWow64\mss32.dll
[2010.05.21 22:18:34 | 003,167,501 | ---- | C] () -- C:\Windows\SysWow64\metin2.bin
[2010.05.02 21:06:06 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.05.01 12:05:27 | 000,000,289 | ---- | C] () -- C:\Windows\cncscore.ini
[2010.04.30 22:50:47 | 000,011,264 | ---- | C] () -- C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.30 22:33:20 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.02.10 20:28:42 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010.01.29 23:21:20 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2009.10.26 05:38:20 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config.backup
[2009.08.19 10:33:09 | 000,018,432 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009.08.19 10:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009.07.29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2009.04.08 20:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008.05.22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2003.04.09 18:38:04 | 000,005,664 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2002.08.29 18:33:56 | 000,319,488 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2002.08.29 18:33:56 | 000,319,488 | R--- | C] () -- C:\Users\David\AppData\Roaming\MafiaSetup.exe
[1997.06.14 02:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
OTL logfile created on: 5.6.2011 0:17:30 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\David\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3.97 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 29.20% Memory free
7.93 Gb Paging File | 4.93 Gb Available in Paging File | 62.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 63.72 Gb Free Space | 54.73% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 97.11 Gb Free Space | 29.02% Space Free | Partition Type: NTFS
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.06.05 00:16:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
PRC - [2011.06.04 23:53:46 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2011.06.03 17:48:18 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.57\GoogleCrashHandler.exe
PRC - [2011.05.29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.05.22 20:39:17 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011.05.16 16:00:50 | 000,399,872 | ---- | M] (Allstar Group, s.r.o.) -- C:\Program Files (x86)\GamePark2\gpcl.exe
PRC - [2011.05.05 21:08:51 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.04.21 16:54:38 | 000,352,656 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011.04.17 20:36:27 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\David\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
PRC - [2011.04.15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.03.28 15:41:14 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.02.02 19:23:22 | 000,525,312 | ---- | M] (Blacksun Software) -- C:\Program Files (x86)\Mousotron\Mousotron.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011.01.20 11:20:04 | 000,313,152 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2011.01.05 10:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.1\ICQ.exe
PRC - [2010.09.01 06:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010.03.31 00:00:00 | 002,465,888 | ---- | M] (Lavalys, Inc.) -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
PRC - [2010.02.10 20:31:32 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010.01.05 03:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.11.24 23:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.11.03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.09.24 12:40:48 | 000,032,871 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe
PRC - [2009.08.20 06:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009.08.17 19:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009.08.13 00:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009.07.31 20:38:26 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2009.07.31 20:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.06.19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.08.14 06:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008.03.31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.11.30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2007.08.08 10:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2006.05.01 17:09:50 | 001,974,272 | ---- | M] () -- D:\Hry\Call of Duty 2\CoD2MP_s.exe
========== Modules (SafeList) ==========
MOD - [2011.06.05 00:16:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.08.12 14:18:40 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009.12.08 02:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.08.08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV:64bit: - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV:64bit: - [2006.05.11 18:43:34 | 000,607,352 | ---- | M] (Protection Technology (StarForce)) [Auto | Stopped] -- C:\Windows\SysNative\sfrem02.exe -- (sfrem02)
SRV - [2011.06.04 23:53:46 | 000,214,520 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.05.05 21:08:51 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.04.21 16:54:38 | 000,352,656 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011.04.15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.03.28 15:41:12 | 002,111,368 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.12.28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.30 01:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.09.15 03:03:42 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009.08.14 18:12:34 | 000,954,368 | ---- | M] (Wireless) [On_Demand | Stopped] -- C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe -- (jswpsapi)
SRV - [2009.08.14 18:12:34 | 000,265,216 | ---- | M] (Wireless) [Auto | Running] -- C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe -- (jswpbapi)
SRV - [2009.07.26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- D:\Hry\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.03.31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.05.09 18:02:25 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011.05.09 18:00:37 | 000,063,016 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E60x64.sys -- (L1E)
DRV:64bit: - [2011.04.26 14:37:38 | 000,156,912 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2011.04.08 07:37:30 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.04.07 22:31:02 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.10.15 16:23:41 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2010.07.29 13:31:26 | 000,168,544 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.07.29 13:31:26 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.07.29 13:31:26 | 000,126,320 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.07.01 15:35:54 | 000,043,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.01.05 20:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2009.10.15 11:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009.10.05 03:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.09.01 14:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009.08.21 08:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.08.14 18:12:34 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 10:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.06.18 22:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 12:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009.05.13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.02.03 17:40:13 | 000,077,432 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV:64bit: - [2009.02.03 17:37:50 | 000,075,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2008.12.08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008.05.24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007.07.24 21:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:64bit: - [2007.02.08 19:47:24 | 000,107,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV:64bit: - [2006.07.10 18:21:22 | 000,022,936 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV:64bit: - [2006.06.14 16:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2010.10.17 13:40:48 | 000,165,376 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\atksgt.sys -- (atksgt)
DRV - [2010.10.17 13:40:48 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.03.31 00:00:00 | 000,026,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 -- (EverestDriver)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{3E6 ... 38A10A0497}
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.8&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.24 20:18:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.05.27 21:07:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.04 19:20:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.09.26 21:42:39 | 000,000,000 | ---D | M]
[2011.04.14 21:30:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Extensions
[2011.05.10 18:52:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions
[2011.05.10 18:52:08 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.08 11:02:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions
[2011.05.08 12:28:53 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.08 11:02:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions
[2011.05.08 12:28:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.11.24 22:38:17 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011.03.14 18:08:40 | 000,000,168 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\searchplugins\icqplugin.gif
[2011.05.29 21:57:28 | 000,000,947 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\searchplugins\icqplugin.xml
[2011.04.14 21:28:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
[2011.05.27 21:07:00 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011.03.18 19:55:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.04.17 14:48:21 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - No CLSID value found.
O2 - BHO: (no name) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [jswtrayutil] C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [Mousotron] C:\Program Files (x86)\Mousotron\Mousotron.exe (Blacksun Software)
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [RESTART_STICKY_NOTES] File not found
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [ShowBatteryBar] C:\Program Files\BatteryBar\ShowBatteryBar.exe ()
O4 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000..\Run: [uTorrent] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\David\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\David\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: 使用快车3下载 - C:\Users\David\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\David\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://d1ylr6sba64qi3.cloudfront.net/gl ... 1.71.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.co ... 4.13.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.27 08:04:52 | 000,000,000 | ---D | M] - D:\Autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.IV41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 7 Days ==========
[2011.06.05 00:16:24 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2011.06.04 21:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DiskCheckup
[2011.06.04 21:35:55 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cooliris
[2011.06.04 21:35:54 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Cooliris
[2011.06.04 18:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\BatteryBar
[2010.10.03 13:43:32 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\David\AppData\Roaming\pcouffin.sys
[2008.08.12 07:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[16 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.06.05 00:16:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2011.06.05 00:04:30 | 000,453,632 | ---- | M] () -- C:\Users\David\Desktop\CKScanner.exe
[2011.06.04 23:53:46 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.06.04 23:53:46 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.04 23:53:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.04 23:46:53 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.04 23:46:53 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.04 23:45:09 | 000,639,986 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.06.04 23:45:09 | 000,624,776 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.04 23:45:09 | 000,126,866 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.06.04 23:45:09 | 000,110,414 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.04 23:45:08 | 001,497,666 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.04 23:41:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000UA.job
[2011.06.04 23:39:33 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.04 23:39:22 | 000,000,304 | -HS- | M] () -- C:\Windows\tasks\nsuttpu.job
[2011.06.04 23:39:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.04 23:39:05 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.04 21:02:00 | 000,002,926 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011.06.04 20:55:39 | 000,077,824 | RHS- | M] () -- C:\Windows\SysWow64\MSVCP50G.dll
[2011.06.04 00:00:00 | 000,832,273 | ---- | M] () -- C:\Users\David\Desktop\RSITx64.exe
[2011.06.03 19:04:27 | 000,228,082 | ---- | M] () -- C:\Windows\hpoins46.dat
[2011.06.02 23:27:46 | 000,003,865 | ---- | M] () -- C:\Users\David\Desktop\DesktopOK.ini
[2011.06.02 20:41:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000Core.job
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[16 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.06.05 00:04:23 | 000,453,632 | ---- | C] () -- C:\Users\David\Desktop\CKScanner.exe
[2011.06.04 20:55:39 | 000,077,824 | RHS- | C] () -- C:\Windows\SysWow64\MSVCP50G.dll
[2011.06.04 20:55:39 | 000,000,304 | -HS- | C] () -- C:\Windows\tasks\nsuttpu.job
[2011.06.04 00:00:00 | 000,832,273 | ---- | C] () -- C:\Users\David\Desktop\RSITx64.exe
[2011.05.13 22:34:49 | 000,000,600 | ---- | C] () -- C:\Users\David\AppData\Roaming\winscp.rnd
[2011.04.17 11:36:42 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.04.17 11:36:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.04.17 11:36:42 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.04.17 11:36:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.04.17 11:36:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.04.06 20:57:06 | 000,000,600 | ---- | C] () -- C:\Users\David\AppData\Local\PUTTY.RND
[2011.03.30 20:14:53 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.03.15 00:44:02 | 001,386,496 | ---- | C] () -- C:\Windows\SysWow64\GLaux.dll
[2011.02.01 22:17:58 | 001,521,644 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.24 21:32:03 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2010.12.24 20:02:43 | 000,228,082 | ---- | C] () -- C:\Windows\hpoins46.dat
[2010.12.12 11:41:09 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2010.11.22 21:08:40 | 000,000,501 | ---- | C] () -- C:\Windows\eReg.dat
[2010.10.17 13:39:10 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\drivers\atksgt.sys
[2010.10.17 13:39:10 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\lirsgt.sys
[2010.10.15 20:51:39 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010.10.15 20:51:39 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010.10.15 20:51:39 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010.10.10 15:42:40 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2010.10.03 21:37:04 | 000,044,544 | ---- | C] () -- C:\Windows\SysWow64\Gif89.dll
[2010.10.03 14:25:17 | 000,004,096 | -H-- | C] () -- C:\Users\David\AppData\Local\keyfile3.drm
[2010.10.03 13:43:32 | 000,007,859 | ---- | C] () -- C:\Users\David\AppData\Roaming\pcouffin.cat
[2010.10.03 13:43:32 | 000,001,167 | ---- | C] () -- C:\Users\David\AppData\Roaming\pcouffin.inf
[2010.10.03 13:39:14 | 000,001,057 | ---- | C] () -- C:\Users\David\AppData\Roaming\vso_ts_preview.xml
[2010.10.02 22:37:40 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2010.09.24 22:10:03 | 000,014,658 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.08.30 08:08:49 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.08.17 08:23:21 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2010.07.31 23:26:49 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.07.20 05:39:02 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010.07.20 05:39:00 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010.07.20 05:39:00 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010.07.05 21:40:33 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010.07.05 09:08:03 | 000,000,024 | ---- | C] () -- C:\Windows\clofghls.dll
[2010.07.04 20:31:36 | 000,000,052 | ---- | C] () -- C:\Windows\mafosav.INI
[2010.06.28 22:42:05 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2010.06.25 11:59:21 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.06.23 21:23:10 | 000,000,012 | ---- | C] () -- C:\Windows\SysWow64\USERDATA.DAT
[2010.06.16 20:21:14 | 000,007,658 | ---- | C] () -- C:\Users\David\AppData\Local\resmon.resmoncfg
[2010.06.13 20:54:57 | 000,000,204 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2010.06.13 20:52:50 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.06.12 21:36:40 | 000,015,386 | ---- | C] () -- C:\Windows\SysWow64\BestTimes.dat
[2010.06.07 14:30:53 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.06.07 14:30:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.05.23 10:00:41 | 000,843,892 | ---- | C] () -- C:\Windows\SysWow64\python22.dll
[2010.05.23 09:57:08 | 001,672,281 | ---- | C] () -- C:\Windows\SysWow64\metin2_patcher.exe
[2010.05.21 22:20:11 | 000,202,240 | ---- | C] () -- C:\Windows\SysWow64\patchw32.dll
[2010.05.21 22:19:08 | 000,349,696 | ---- | C] () -- C:\Windows\SysWow64\mss32.dll
[2010.05.21 22:18:34 | 003,167,501 | ---- | C] () -- C:\Windows\SysWow64\metin2.bin
[2010.05.02 21:06:06 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.05.01 12:05:27 | 000,000,289 | ---- | C] () -- C:\Windows\cncscore.ini
[2010.04.30 22:50:47 | 000,011,264 | ---- | C] () -- C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.30 22:33:20 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.02.10 20:28:42 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010.01.29 23:21:20 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2009.10.26 05:38:20 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config.backup
[2009.08.19 10:33:09 | 000,018,432 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009.08.19 10:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009.07.29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2009.04.08 20:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008.05.22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2003.04.09 18:38:04 | 000,005,664 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2002.08.29 18:33:56 | 000,319,488 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2002.08.29 18:33:56 | 000,319,488 | R--- | C] () -- C:\Users\David\AppData\Roaming\MafiaSetup.exe
[1997.06.14 02:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
Re: preventivka & problém z cpu
========== LOP Check ==========
[2011.04.07 22:22:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\.minecraft
[2010.12.09 22:52:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\.purple
[2011.04.30 19:12:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Asus WebStorage
[2011.05.21 00:38:44 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Azureus
[2011.04.17 10:51:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BatteryBar
[2011.06.04 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BitComet
[2010.10.04 19:43:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BITS
[2010.12.12 11:41:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\CAD-KAS
[2011.04.08 07:08:54 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Convivea
[2010.05.08 08:25:49 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
[2010.05.17 11:34:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\EeeStorageUploader
[2011.01.09 14:02:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ERS Game Studios
[2011.04.08 07:35:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\esmska
[2011.06.04 18:58:13 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FileZilla
[2010.06.13 20:52:45 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FlashGet
[2010.06.13 20:52:43 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FlashGetBHO
[2010.05.30 20:04:55 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FreeCall
[2011.01.19 20:55:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\fretsonfire
[2010.04.29 19:36:29 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GameConsole
[2011.05.21 21:18:59 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GHISLER
[2011.06.04 23:44:12 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQ
[2011.05.21 21:18:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\IObit
[2010.10.02 22:32:11 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\iolo
[2010.05.09 17:28:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Leawo
[2011.04.09 14:07:03 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Miranda
[2011.03.31 23:29:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mount&Blade
[2011.04.14 22:45:38 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Nvu
[2010.04.30 18:15:32 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\OpenOffice.org
[2010.12.20 18:41:03 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Opera
[2010.07.28 22:06:15 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\QuickStoresToolbar
[2010.11.24 23:14:41 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Raptr
[2011.03.01 22:33:58 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Rovio
[2010.06.24 15:09:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Sachy
[2011.02.26 22:51:26 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\SPORE
[2010.10.29 22:24:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.04.30 19:12:58 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TeamViewer
[2010.08.16 23:12:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\temp
[2010.08.22 21:42:37 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TuneUp Software
[2011.05.21 21:25:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\uTorrent
[2010.10.23 14:57:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Vso
[2010.05.06 12:46:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\XnView
[2011.06.04 23:39:22 | 000,000,304 | -HS- | M] () -- C:\Windows\Tasks\nsuttpu.job
[2011.04.28 17:06:21 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)
"uTorrent" = "C:\Users\David\Desktop\uTorrent.exe"
"RocketDock" = "C:\Program Files (x86)\RocketDock\RocketDock.exe" -- [2007.09.02 14:58:52 | 000,495,616 | ---- | M] ()
"Mousotron" = C:\Program Files (x86)\Mousotron\Mousotron.exe -- [2011.02.02 19:23:22 | 000,525,312 | ---- | M] (Blacksun Software)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.05.05 21:06:28 | 000,136,176 | ---- | M] (Google Inc.)
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe
"ShowBatteryBar" = "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show -- [2009.05.28 23:35:40 | 000,089,600 | ---- | M] ()
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.04.07 22:22:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\.minecraft
[2010.12.09 22:52:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\.purple
[2010.12.01 19:53:09 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Adobe
[2010.10.29 22:24:01 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Adobe Mini Bridge CS5
[2011.04.30 19:12:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Asus WebStorage
[2011.05.21 00:38:44 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Azureus
[2011.04.17 10:51:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BatteryBar
[2011.06.04 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BitComet
[2010.10.04 19:43:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BITS
[2010.12.12 11:41:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\CAD-KAS
[2011.04.08 07:08:54 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Convivea
[2010.05.01 14:12:41 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\CyberLink
[2010.05.08 08:25:49 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
[2010.05.17 11:34:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\EeeStorageUploader
[2011.01.09 14:02:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ERS Game Studios
[2011.04.08 07:35:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\esmska
[2011.06.04 18:58:13 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FileZilla
[2010.06.13 20:52:45 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FlashGet
[2010.06.13 20:52:43 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FlashGetBHO
[2010.05.30 20:04:55 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FreeCall
[2011.01.19 20:55:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\fretsonfire
[2010.04.29 19:36:29 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GameConsole
[2011.05.21 21:18:59 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GHISLER
[2011.03.21 16:16:06 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Google
[2010.12.24 20:36:39 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\HP
[2011.01.22 00:45:54 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\HpUpdate
[2011.06.04 23:44:12 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQ
[2010.04.29 23:25:28 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Identities
[2011.05.21 21:18:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\IObit
[2010.10.02 22:32:11 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\iolo
[2010.05.09 17:28:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Leawo
[2010.04.29 19:25:29 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Macromedia
[2010.09.28 16:10:25 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Malwarebytes
[2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Media Center Programs
[2011.05.21 21:18:37 | 000,000,000 | --SD | M] -- C:\Users\David\AppData\Roaming\Microsoft
[2010.08.24 22:14:07 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Microsoft Games
[2011.04.09 14:07:03 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Miranda
[2011.03.31 23:29:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mount&Blade
[2011.04.14 22:44:18 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mozilla
[2011.04.14 22:45:38 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Nvu
[2010.04.30 18:15:32 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\OpenOffice.org
[2010.12.20 18:41:03 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Opera
[2010.07.28 22:06:15 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\QuickStoresToolbar
[2010.11.24 23:14:41 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Raptr
[2011.05.22 20:41:14 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Real
[2011.03.01 22:33:58 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Rovio
[2010.06.24 15:09:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Sachy
[2010.07.31 23:44:04 | 000,000,000 | RH-D | M] -- C:\Users\David\AppData\Roaming\SecuROM
[2011.06.05 00:27:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Skype
[2011.06.05 00:02:27 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\skypePM
[2011.02.26 22:51:26 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\SPORE
[2010.10.29 22:24:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.04.30 19:12:58 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TeamViewer
[2010.08.16 23:12:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\temp
[2010.08.22 21:42:37 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TuneUp Software
[2011.05.21 21:25:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\uTorrent
[2010.10.23 14:57:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Vso
[2010.05.06 12:46:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\XnView
< %APPDATA%\*.exe /s >
[2002.08.29 18:33:56 | 000,319,488 | R--- | M] () -- C:\Users\David\AppData\Roaming\MafiaSetup.exe
[2011.04.28 19:52:32 | 000,070,992 | ---- | M] (eCareme Technologies, Inc.) -- C:\Users\David\AppData\Roaming\Asus WebStorage\EeeStorageUpdate.EXE
[2011.04.28 19:53:45 | 014,462,264 | ---- | M] () -- C:\Users\David\AppData\Roaming\Asus WebStorage\Update\ASUSWebStorage3.0.84.161.exe
[2010.11.24 22:42:59 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\David\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2008.03.28 10:07:22 | 000,020,992 | ---- | M] (Convivea Inc (c) 2006) -- C:\Users\David\AppData\Roaming\Convivea\Bit_Che\languages\compare.exe
[2008.03.28 10:04:56 | 000,058,368 | ---- | M] () -- C:\Users\David\AppData\Roaming\Convivea\Bit_Che\scripts\special.exe
[2008.03.28 10:02:12 | 000,060,928 | ---- | M] () -- C:\Users\David\AppData\Roaming\Convivea\Bit_Che\scripts\update.exe
[2008.03.28 10:01:02 | 000,059,904 | ---- | M] () -- C:\Users\David\AppData\Roaming\Convivea\Bit_Che\scripts\x.exe
[2010.07.28 12:28:35 | 000,704,248 | ---- | M] () -- C:\Users\David\AppData\Roaming\QuickStoresToolbar\unins000.exe
[2010.03.03 15:00:50 | 000,045,304 | ---- | M] (Andreas Breitschopp - Softwareentwicklung und -vertrieb) -- C:\Users\David\AppData\Roaming\QuickStoresToolbar\Update.exe
[2010.08.16 23:12:36 | 000,000,000 | ---- | M] () -- C:\Users\David\AppData\Roaming\temp\ICON.exe
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\ERDNT\cache64\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\ERDNT\cache86\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.02.10 20:22:59 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\ERDNT\cache86\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.02.10 20:22:59 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.02.10 20:22:59 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.02.10 20:22:59 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTOR.SYS >
[2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\drivers\iaStor.sys
[2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4fa22a1c88c09097\iaStor.sys
[2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_9071cf01e963be0e\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\ERDNT\cache64\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
< MD5 for: NDIS.SYS >
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\ERDNT\cache64\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache86\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache86\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\ERDNT\cache64\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\ERDNT\cache64\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache86\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\ERDNT\cache64\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\ERDNT\cache64\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\ERDNT\cache86\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2011.06.04 20:55:39 | 000,077,824 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\SysWOW64\MSVCP50G.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
[2011.06.04 23:39:22 | 000,000,304 | -HS- | M] () Unable to obtain MD5 -- C:\Windows\Tasks\nsuttpu.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2011.06.04 20:55:39 | 000,077,824 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\SysWOW64\MSVCP50G.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.06.04 20:55:39 | 000,077,824 | RHS- | M] () -- C:\Windows\SysWOW64\MSVCP50G.dll
[2011.06.04 23:53:46 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.ex0
[2011.06.05 00:37:51 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
[2011.06.05 00:37:51 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.xtr
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:15024E60
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:734E442A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:B88E99C8
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:A724744F
< End of report >
[2011.04.07 22:22:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\.minecraft
[2010.12.09 22:52:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\.purple
[2011.04.30 19:12:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Asus WebStorage
[2011.05.21 00:38:44 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Azureus
[2011.04.17 10:51:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BatteryBar
[2011.06.04 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BitComet
[2010.10.04 19:43:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BITS
[2010.12.12 11:41:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\CAD-KAS
[2011.04.08 07:08:54 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Convivea
[2010.05.08 08:25:49 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
[2010.05.17 11:34:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\EeeStorageUploader
[2011.01.09 14:02:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ERS Game Studios
[2011.04.08 07:35:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\esmska
[2011.06.04 18:58:13 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FileZilla
[2010.06.13 20:52:45 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FlashGet
[2010.06.13 20:52:43 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FlashGetBHO
[2010.05.30 20:04:55 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FreeCall
[2011.01.19 20:55:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\fretsonfire
[2010.04.29 19:36:29 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GameConsole
[2011.05.21 21:18:59 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GHISLER
[2011.06.04 23:44:12 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQ
[2011.05.21 21:18:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\IObit
[2010.10.02 22:32:11 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\iolo
[2010.05.09 17:28:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Leawo
[2011.04.09 14:07:03 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Miranda
[2011.03.31 23:29:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mount&Blade
[2011.04.14 22:45:38 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Nvu
[2010.04.30 18:15:32 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\OpenOffice.org
[2010.12.20 18:41:03 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Opera
[2010.07.28 22:06:15 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\QuickStoresToolbar
[2010.11.24 23:14:41 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Raptr
[2011.03.01 22:33:58 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Rovio
[2010.06.24 15:09:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Sachy
[2011.02.26 22:51:26 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\SPORE
[2010.10.29 22:24:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.04.30 19:12:58 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TeamViewer
[2010.08.16 23:12:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\temp
[2010.08.22 21:42:37 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TuneUp Software
[2011.05.21 21:25:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\uTorrent
[2010.10.23 14:57:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Vso
[2010.05.06 12:46:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\XnView
[2011.06.04 23:39:22 | 000,000,304 | -HS- | M] () -- C:\Windows\Tasks\nsuttpu.job
[2011.04.28 17:06:21 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)
"uTorrent" = "C:\Users\David\Desktop\uTorrent.exe"
"RocketDock" = "C:\Program Files (x86)\RocketDock\RocketDock.exe" -- [2007.09.02 14:58:52 | 000,495,616 | ---- | M] ()
"Mousotron" = C:\Program Files (x86)\Mousotron\Mousotron.exe -- [2011.02.02 19:23:22 | 000,525,312 | ---- | M] (Blacksun Software)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.05.05 21:06:28 | 000,136,176 | ---- | M] (Google Inc.)
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe
"ShowBatteryBar" = "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show -- [2009.05.28 23:35:40 | 000,089,600 | ---- | M] ()
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.04.07 22:22:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\.minecraft
[2010.12.09 22:52:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\.purple
[2010.12.01 19:53:09 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Adobe
[2010.10.29 22:24:01 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Adobe Mini Bridge CS5
[2011.04.30 19:12:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Asus WebStorage
[2011.05.21 00:38:44 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Azureus
[2011.04.17 10:51:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BatteryBar
[2011.06.04 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BitComet
[2010.10.04 19:43:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\BITS
[2010.12.12 11:41:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\CAD-KAS
[2011.04.08 07:08:54 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Convivea
[2010.05.01 14:12:41 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\CyberLink
[2010.05.08 08:25:49 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
[2010.05.17 11:34:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\EeeStorageUploader
[2011.01.09 14:02:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ERS Game Studios
[2011.04.08 07:35:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\esmska
[2011.06.04 18:58:13 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FileZilla
[2010.06.13 20:52:45 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FlashGet
[2010.06.13 20:52:43 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FlashGetBHO
[2010.05.30 20:04:55 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FreeCall
[2011.01.19 20:55:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\fretsonfire
[2010.04.29 19:36:29 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GameConsole
[2011.05.21 21:18:59 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GHISLER
[2011.03.21 16:16:06 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Google
[2010.12.24 20:36:39 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\HP
[2011.01.22 00:45:54 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\HpUpdate
[2011.06.04 23:44:12 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQ
[2010.04.29 23:25:28 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Identities
[2011.05.21 21:18:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\IObit
[2010.10.02 22:32:11 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\iolo
[2010.05.09 17:28:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Leawo
[2010.04.29 19:25:29 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Macromedia
[2010.09.28 16:10:25 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Malwarebytes
[2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Media Center Programs
[2011.05.21 21:18:37 | 000,000,000 | --SD | M] -- C:\Users\David\AppData\Roaming\Microsoft
[2010.08.24 22:14:07 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Microsoft Games
[2011.04.09 14:07:03 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Miranda
[2011.03.31 23:29:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mount&Blade
[2011.04.14 22:44:18 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mozilla
[2011.04.14 22:45:38 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Nvu
[2010.04.30 18:15:32 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\OpenOffice.org
[2010.12.20 18:41:03 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Opera
[2010.07.28 22:06:15 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\QuickStoresToolbar
[2010.11.24 23:14:41 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Raptr
[2011.05.22 20:41:14 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Real
[2011.03.01 22:33:58 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Rovio
[2010.06.24 15:09:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Sachy
[2010.07.31 23:44:04 | 000,000,000 | RH-D | M] -- C:\Users\David\AppData\Roaming\SecuROM
[2011.06.05 00:27:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Skype
[2011.06.05 00:02:27 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\skypePM
[2011.02.26 22:51:26 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\SPORE
[2010.10.29 22:24:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.04.30 19:12:58 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TeamViewer
[2010.08.16 23:12:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\temp
[2010.08.22 21:42:37 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TuneUp Software
[2011.05.21 21:25:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\uTorrent
[2010.10.23 14:57:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Vso
[2010.05.06 12:46:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\XnView
< %APPDATA%\*.exe /s >
[2002.08.29 18:33:56 | 000,319,488 | R--- | M] () -- C:\Users\David\AppData\Roaming\MafiaSetup.exe
[2011.04.28 19:52:32 | 000,070,992 | ---- | M] (eCareme Technologies, Inc.) -- C:\Users\David\AppData\Roaming\Asus WebStorage\EeeStorageUpdate.EXE
[2011.04.28 19:53:45 | 014,462,264 | ---- | M] () -- C:\Users\David\AppData\Roaming\Asus WebStorage\Update\ASUSWebStorage3.0.84.161.exe
[2010.11.24 22:42:59 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\David\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2008.03.28 10:07:22 | 000,020,992 | ---- | M] (Convivea Inc (c) 2006) -- C:\Users\David\AppData\Roaming\Convivea\Bit_Che\languages\compare.exe
[2008.03.28 10:04:56 | 000,058,368 | ---- | M] () -- C:\Users\David\AppData\Roaming\Convivea\Bit_Che\scripts\special.exe
[2008.03.28 10:02:12 | 000,060,928 | ---- | M] () -- C:\Users\David\AppData\Roaming\Convivea\Bit_Che\scripts\update.exe
[2008.03.28 10:01:02 | 000,059,904 | ---- | M] () -- C:\Users\David\AppData\Roaming\Convivea\Bit_Che\scripts\x.exe
[2010.07.28 12:28:35 | 000,704,248 | ---- | M] () -- C:\Users\David\AppData\Roaming\QuickStoresToolbar\unins000.exe
[2010.03.03 15:00:50 | 000,045,304 | ---- | M] (Andreas Breitschopp - Softwareentwicklung und -vertrieb) -- C:\Users\David\AppData\Roaming\QuickStoresToolbar\Update.exe
[2010.08.16 23:12:36 | 000,000,000 | ---- | M] () -- C:\Users\David\AppData\Roaming\temp\ICON.exe
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\ERDNT\cache64\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\ERDNT\cache86\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.02.10 20:22:59 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\ERDNT\cache86\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.02.10 20:22:59 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.02.10 20:22:59 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.02.10 20:22:59 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTOR.SYS >
[2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\drivers\iaStor.sys
[2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4fa22a1c88c09097\iaStor.sys
[2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_9071cf01e963be0e\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\ERDNT\cache64\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
< MD5 for: NDIS.SYS >
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\ERDNT\cache64\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache86\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache86\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\ERDNT\cache64\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\ERDNT\cache64\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache86\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\ERDNT\cache64\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\ERDNT\cache64\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\ERDNT\cache86\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2011.06.04 20:55:39 | 000,077,824 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\SysWOW64\MSVCP50G.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
[2011.06.04 23:39:22 | 000,000,304 | -HS- | M] () Unable to obtain MD5 -- C:\Windows\Tasks\nsuttpu.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2011.06.04 20:55:39 | 000,077,824 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\SysWOW64\MSVCP50G.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.06.04 20:55:39 | 000,077,824 | RHS- | M] () -- C:\Windows\SysWOW64\MSVCP50G.dll
[2011.06.04 23:53:46 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.ex0
[2011.06.05 00:37:51 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
[2011.06.05 00:37:51 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.xtr
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:15024E60
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:734E442A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:B88E99C8
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:A724744F
< End of report >
Re: preventivka & problém z cpu
Extras
OTL Extras logfile created on: 5.6.2011 0:17:30 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\David\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3.97 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 29.20% Memory free
7.93 Gb Paging File | 4.93 Gb Available in Paging File | 62.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 63.72 Gb Free Space | 54.73% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 97.11 Gb Free Space | 29.02% Space Free | Partition Type: NTFS
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html[@ = Opera.HTML] -- C:\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "D:\Opera 11.00 beta\Opera.exe" "%1" File not found
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- D:\Photoshop\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "D:\Opera 11.00 beta\Opera.exe" "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- D:\Photoshop\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}" = HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCF541DC-C493-4C01-8A1E-8CEEE8216B34}" = Oracle VM VirtualBox 4.0.6
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}" = Windows Live Zabezpečení rodiny
"{DDF61711-75A1-4EED-9C4B-789D3932A4A7}" = ESET NOD32 Antivirus
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASUS WebStorage" = ASUS WebStorage
"BatteryBar" = BatteryBar (remove only)
"Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL
"GMailFS" = GMail Drive Shell Extension
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Recuva" = Recuva
"Shop for HP Supplies" = Shop for HP Supplies
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{022730FF-F116-47A9-9732-AD823C3ADD51}" = Rogue Trooper
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{153898EE-EECA-471E-8E33-C8485EA84C07}" = QSS Installation Program
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2376AAB2-F4D9-48D7-A42B-4E80B8967A8B}" = F4500
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}" = Windows Live Essentials
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.2.0
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{58AC967F-CE64-4065-AF54-FA66BAF31FE8}" = BOILING POINT
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{652B48CA-165B-4671-9415-2B477B20CE82}_is1" = Emergency 4
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1" = Game Park Console
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}" = Smileyville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116864777}" = Piggly
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85498904-0748-45AA-9482-6DB8EA971B91}" = DJ_AIO_06_F4500_SW_MIN
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8829DAD4-8F07-4A96-B995-15498EBB8045}" = Heroes of Might and Magic V
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A13DE9CB-8C84-4889-B114-C5A9661F844E}" = Windows Live Fotogalerie
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.2 MUI
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.2.3.258h
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CF22161D-0E1B-489E-BBC8-684055836FE9}" = Windows Live Toolbar
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1" = Bit Che
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E459015D-3DAF-470A-A756-8C0E16B89C6F}_is1" = Blitzkrieg 2
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia® Zapomenuté písky
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EDA827F5-C014-4161-918D-3EEF16A2B167}" = Korea: Forgotten Conflict
"{EE5BC0BB-9EDA-423C-8276-48857B735D68}" = Prince of Persia Warrior Within
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{Punské války}" = Punské války
"8461-7759-5462-8226" = Vuze
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II - The Conquerors - 1.0e Patch FINAL_is1" = Age of Empires II - The Conquerors - 1.0e Patch FINAL
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Air Conflicts" = Air Conflicts
"Angry Birds1.0" = Angry Birds
"ArmA" = ArmA Uninstall
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"ASUS AP Bank_is1" = ASUS AP Bank
"ASUS_Screensaver" = ASUS_Screensaver
"aTube Catcher" = aTube Catcher
"Avencast_is1" = Avencast
"BitComet" = BitComet 1.26
"CCleaner" = CCleaner
"CoD 2 čeština_is1" = CoD 2 čeština 1.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"conduitEngine" = Conduit Engine
"Čeština Dragon Age Origins 1.00" = Čeština Dragon Age Origins 1.00
"DAEMON Tools Lite" = DAEMON Tools Lite
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FarmingSimulator2011EN_is1" = Farming Simulator 2011
"FileZilla Client" = FileZilla Client 3.4.0
"FormatFactory" = FormatFactory 2.50
"Fraps" = Fraps
"GameParkClient_is1" = GamePark
"Hidden and Dangerous Deluxe" = Hidden and Dangerous Deluxe
"HyperCam 3" = HyperCam 3
"HyperCam Toolbar" = HyperCam Toolbar
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia Game" = Mafia Game
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.0.1200
"Medal of Honor Allied Assault v 1.0.0.1_is1" = Medal of Honor Allied Assault v 1.0.0.1
"Might and Magic IX" = Might and Magic® IX
"MiniTool Power Data Recovery_is1" = MiniTool Power Data Recovery
"Moto Racer 3_is1" = Moto Racer 3
"Mount&Blade" = Mount&Blade
"Mousotron_is1" = Mousotron 6.1
"Mozilla Firefox 4.0 (x86 cs)" = Mozilla Firefox 4.0 (x86 cs)
"Network Play System (Patching)" = Network Play System (Patching)
"Nvu" = Nvu 1.0
"OpenAL" = OpenAL
"Opera 11.11.2109" = Opera 11.11
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.0.0
"RealPlayer 12.0" = RealPlayer
"RiseOfNationsExpansion 1.0" = Rise of Nations
"RocketDock_is1" = RocketDock 1.3.5
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0004]
"San Andreas Mod Installer1.0" = San Andreas Mod Installer
"SeriousSam2" = Serious Sam 2
"Soldiers of Anarchy" = Soldiers of Anarchy
"TeamViewer 6" = TeamViewer 6
"The Matrix Reloaded" = The Matrix Reloaded
"Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0
"Totalcmd" = Total Commander (Remove or Repair)
"Traktor Simulátor_is1" = Traktor Simulátor
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"Warcraft III" = Warcraft III
"WinLiveSuite_Wave3" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.2
"World of Warcraft" = World of Warcraft
"Zynga Toolbar" = Zynga Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
OTL Extras logfile created on: 5.6.2011 0:17:30 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\David\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3.97 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 29.20% Memory free
7.93 Gb Paging File | 4.93 Gb Available in Paging File | 62.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 63.72 Gb Free Space | 54.73% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 97.11 Gb Free Space | 29.02% Space Free | Partition Type: NTFS
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html[@ = Opera.HTML] -- C:\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "D:\Opera 11.00 beta\Opera.exe" "%1" File not found
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- D:\Photoshop\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "D:\Opera 11.00 beta\Opera.exe" "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- D:\Photoshop\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}" = HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCF541DC-C493-4C01-8A1E-8CEEE8216B34}" = Oracle VM VirtualBox 4.0.6
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}" = Windows Live Zabezpečení rodiny
"{DDF61711-75A1-4EED-9C4B-789D3932A4A7}" = ESET NOD32 Antivirus
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASUS WebStorage" = ASUS WebStorage
"BatteryBar" = BatteryBar (remove only)
"Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL
"GMailFS" = GMail Drive Shell Extension
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Recuva" = Recuva
"Shop for HP Supplies" = Shop for HP Supplies
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{022730FF-F116-47A9-9732-AD823C3ADD51}" = Rogue Trooper
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{153898EE-EECA-471E-8E33-C8485EA84C07}" = QSS Installation Program
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2376AAB2-F4D9-48D7-A42B-4E80B8967A8B}" = F4500
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}" = Windows Live Essentials
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.2.0
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{58AC967F-CE64-4065-AF54-FA66BAF31FE8}" = BOILING POINT
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{652B48CA-165B-4671-9415-2B477B20CE82}_is1" = Emergency 4
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1" = Game Park Console
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}" = Smileyville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116864777}" = Piggly
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85498904-0748-45AA-9482-6DB8EA971B91}" = DJ_AIO_06_F4500_SW_MIN
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8829DAD4-8F07-4A96-B995-15498EBB8045}" = Heroes of Might and Magic V
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A13DE9CB-8C84-4889-B114-C5A9661F844E}" = Windows Live Fotogalerie
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.2 MUI
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.2.3.258h
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CF22161D-0E1B-489E-BBC8-684055836FE9}" = Windows Live Toolbar
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1" = Bit Che
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E459015D-3DAF-470A-A756-8C0E16B89C6F}_is1" = Blitzkrieg 2
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia® Zapomenuté písky
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EDA827F5-C014-4161-918D-3EEF16A2B167}" = Korea: Forgotten Conflict
"{EE5BC0BB-9EDA-423C-8276-48857B735D68}" = Prince of Persia Warrior Within
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{Punské války}" = Punské války
"8461-7759-5462-8226" = Vuze
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II - The Conquerors - 1.0e Patch FINAL_is1" = Age of Empires II - The Conquerors - 1.0e Patch FINAL
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Air Conflicts" = Air Conflicts
"Angry Birds1.0" = Angry Birds
"ArmA" = ArmA Uninstall
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"ASUS AP Bank_is1" = ASUS AP Bank
"ASUS_Screensaver" = ASUS_Screensaver
"aTube Catcher" = aTube Catcher
"Avencast_is1" = Avencast
"BitComet" = BitComet 1.26
"CCleaner" = CCleaner
"CoD 2 čeština_is1" = CoD 2 čeština 1.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"conduitEngine" = Conduit Engine
"Čeština Dragon Age Origins 1.00" = Čeština Dragon Age Origins 1.00
"DAEMON Tools Lite" = DAEMON Tools Lite
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FarmingSimulator2011EN_is1" = Farming Simulator 2011
"FileZilla Client" = FileZilla Client 3.4.0
"FormatFactory" = FormatFactory 2.50
"Fraps" = Fraps
"GameParkClient_is1" = GamePark
"Hidden and Dangerous Deluxe" = Hidden and Dangerous Deluxe
"HyperCam 3" = HyperCam 3
"HyperCam Toolbar" = HyperCam Toolbar
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia Game" = Mafia Game
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.0.1200
"Medal of Honor Allied Assault v 1.0.0.1_is1" = Medal of Honor Allied Assault v 1.0.0.1
"Might and Magic IX" = Might and Magic® IX
"MiniTool Power Data Recovery_is1" = MiniTool Power Data Recovery
"Moto Racer 3_is1" = Moto Racer 3
"Mount&Blade" = Mount&Blade
"Mousotron_is1" = Mousotron 6.1
"Mozilla Firefox 4.0 (x86 cs)" = Mozilla Firefox 4.0 (x86 cs)
"Network Play System (Patching)" = Network Play System (Patching)
"Nvu" = Nvu 1.0
"OpenAL" = OpenAL
"Opera 11.11.2109" = Opera 11.11
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.0.0
"RealPlayer 12.0" = RealPlayer
"RiseOfNationsExpansion 1.0" = Rise of Nations
"RocketDock_is1" = RocketDock 1.3.5
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0004]
"San Andreas Mod Installer1.0" = San Andreas Mod Installer
"SeriousSam2" = Serious Sam 2
"Soldiers of Anarchy" = Soldiers of Anarchy
"TeamViewer 6" = TeamViewer 6
"The Matrix Reloaded" = The Matrix Reloaded
"Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0
"Totalcmd" = Total Commander (Remove or Repair)
"Traktor Simulátor_is1" = Traktor Simulátor
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"Warcraft III" = Warcraft III
"WinLiveSuite_Wave3" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.2
"World of Warcraft" = World of Warcraft
"Zynga Toolbar" = Zynga Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Re: preventivka & problém z cpu
Odinstalujte Advanced SystemCare 4 a nasledne i vse od IOBit - jsou to cinske smejdy, databazi haveti ukradli jine renomovane spolecnosti, spise skodi nez jsou uzitecne Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{3E64663D-28D4-478E-B785-5D38A10A0497} IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/ IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "http://start.icq.com/" FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.8&q=" [2011.05.10 18:52:08 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.05.08 12:28:53 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.05.08 12:28:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.11.24 22:38:17 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2011.03.14 18:08:40 | 000,000,168 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\searchplugins\icqplugin.gif [2011.05.29 21:57:28 | 000,000,947 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\searchplugins\icqplugin.xml O2:64bit: - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - No CLSID value found. O2 - BHO: (no name) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - No CLSID value found. O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet) O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.) O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll () O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O37 - HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [16 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [2011.06.04 23:53:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.06.04 23:41:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000UA.job [2011.06.04 23:39:33 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.06.02 20:41:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000Core.job @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:15024E60 @Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:734E442A @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:4CF61E54 @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:B88E99C8 @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:A724744F :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"=- "RocketDock"=- "DAEMON Tools Lite"=- "Google Update"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"=- "UpdateP2GoShortCut"=- "Adobe ARM"=- "Adobe Reader Speed Launcher"=- "SwitchBoard"=- "AdobeCS5ServiceManager"=- "HP Software Update"=- "TkBellExe"=- "Malwarebytes' Anti-Malware"=- "Malwarebytes' Anti-Malware (reboot)"=- "SunJavaUpdateSched"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "17647d"=- :files C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000UA.job C:\Windows\tasks\nsuttpu.job C:\Program Files (x86)\Windows Live\Toolbar c:\Program Files (x86)\ICQ6Toolbar c:\users\david\documents\icq\573759159\receivedfiles\378157094 dh\mafia.ii.crackfix-skidrow.rar /d %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: preventivka & problém z cpu
All processes killed
========== OTL ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7b13ec3e-999a-4b70-b9cb-2617b8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ deleted successfully.
C:\Program Files (x86)\Zynga\tbZyng.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ deleted successfully.
C:\Program Files (x86)\Vuze_Remote\tbVuze.dll moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7b13ec3e-999a-4b70-b9cb-2617b8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyng.dll not found.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
File C:\Program Files (x86)\Vuze_Remote\tbVuze.dll not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://start.icq.com/" removed from browser.startup.homepage
Prefs.js: "http://search.icq.com/search/afe_result ... 2.0.0.8&q=" removed from keyword.URL
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\searchplugin folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\lib folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\chrome folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\searchplugins\icqplugin.gif moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\searchplugins\icqplugin.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyng.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
File C:\Program Files (x86)\Vuze_Remote\tbVuze.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7b13ec3e-999a-4b70-b9cb-2617b8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyng.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
File C:\Program Files (x86)\Vuze_Remote\tbVuze.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll not found.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7B13EC3E-999A-4B70-B9CB-2617B8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7B13EC3E-999A-4B70-B9CB-2617B8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyng.dll not found.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found.
File C:\Program Files (x86)\Vuze_Remote\tbVuze.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\0x00000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\oledb\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\0x00000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\oledb\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A9007C0-4076-11D3-8789-0000F8105754}\ not found.
File {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3D9F03FA-7A94-11D3-BE81-0050048385D1}\ not found.
File {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32505114-5902-49B2-880A-1F7738E5A384}\ not found.
File {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807553E5-5146-11D5-A672-00B0D022E945}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{807553E5-5146-11D5-A672-00B0D022E945}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry key HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000_Classes\.exe\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000_Classes\exefile\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
C:\Windows\SysWow64\tmpBA99.tmp deleted successfully.
C:\Windows\SysWow64\tmpBAB9.tmp deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP folder deleted successfully.
C:\Windows\SysNative\SET13B3.tmp deleted successfully.
C:\Windows\SysNative\SET1421.tmp deleted successfully.
C:\Windows\SysNative\SET152D.tmp deleted successfully.
C:\Windows\SysNative\SET25EF.tmp deleted successfully.
C:\Windows\SysNative\SET7C21.tmp deleted successfully.
C:\Windows\SysNative\SET7C70.tmp deleted successfully.
C:\Windows\SysNative\SET7C90.tmp deleted successfully.
C:\Windows\SysNative\SET7CC0.tmp deleted successfully.
C:\Windows\SysNative\SET92EC.tmp deleted successfully.
C:\Windows\SysNative\SET932B.tmp deleted successfully.
C:\Windows\SysNative\SET979F.tmp deleted successfully.
C:\Windows\SysNative\SET97CF.tmp deleted successfully.
C:\Windows\SysNative\SETCD22.tmp deleted successfully.
C:\Windows\SysNative\SETCD51.tmp deleted successfully.
C:\Windows\SysNative\SETCD81.tmp deleted successfully.
C:\Windows\SysNative\SETCDA1.tmp deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000Core.job moved successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:15024E60 deleted successfully.
ADS C:\ProgramData\Temp:734E442A deleted successfully.
ADS C:\ProgramData\Temp:4CF61E54 deleted successfully.
ADS C:\ProgramData\Temp:B88E99C8 deleted successfully.
ADS C:\ProgramData\Temp:A724744F deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RocketDock deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware (reboot) not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce\\17647d not found.
========== FILES ==========
File\Folder C:\Windows\tasks\GoogleUpdateTaskMachineCore.job not found.
File\Folder C:\Windows\tasks\GoogleUpdateTaskMachineUA.job not found.
File\Folder C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000Core.job not found.
File\Folder C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000UA.job not found.
C:\Windows\tasks\nsuttpu.job moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar\Custom Buttons\microsoft.windowslive.translator.btn folder moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar\Custom Buttons\microsoft.windowslive.news.btn folder moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar\Custom Buttons folder moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar\cs-cz folder moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar\cs folder moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar folder moved successfully.
c:\Program Files (x86)\ICQ6Toolbar folder moved successfully.
c:\users\david\documents\icq\573759159\receivedfiles\378157094 dh\Mafia.II.Crackfix-SKIDROW.rar deleted successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: David
->Temp folder emptied: 190577796 bytes
->Temporary Internet Files folder emptied: 133638656 bytes
->Java cache emptied: 6795140 bytes
->FireFox cache emptied: 90498126 bytes
->Google Chrome cache emptied: 364703849 bytes
->Opera cache emptied: 85652211 bytes
->Flash cache emptied: 13442 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 3561204 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2067266 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 122068 bytes
RecycleBin emptied: 2047481608 bytes
Total Files Cleaned = 2 790.00 mb
[EMPTYFLASH]
User: All Users
User: David
->Flash cache emptied: 0 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Guest
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.23.0 log created on 06052011_093239
Files\Folders moved on Reboot...
File\Folder C:\Users\David\AppData\Local\Temp\fz3temp-1\14.5.2011 (další vyjebávky x(( not found!
C:\Users\David\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
========== OTL ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7b13ec3e-999a-4b70-b9cb-2617b8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ deleted successfully.
C:\Program Files (x86)\Zynga\tbZyng.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ deleted successfully.
C:\Program Files (x86)\Vuze_Remote\tbVuze.dll moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2239340465-1001483360-3508777747-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7b13ec3e-999a-4b70-b9cb-2617b8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyng.dll not found.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
File C:\Program Files (x86)\Vuze_Remote\tbVuze.dll not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://start.icq.com/" removed from browser.startup.homepage
Prefs.js: "http://search.icq.com/search/afe_result ... 2.0.0.8&q=" removed from keyword.URL
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tnvv6a1g.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\searchplugin folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\lib folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\chrome folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\udgekhel.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} folder moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\searchplugins\icqplugin.gif moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fmonmo24.default\searchplugins\icqplugin.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyng.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
File C:\Program Files (x86)\Vuze_Remote\tbVuze.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7b13ec3e-999a-4b70-b9cb-2617b8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyng.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
File C:\Program Files (x86)\Vuze_Remote\tbVuze.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll not found.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7B13EC3E-999A-4B70-B9CB-2617B8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7B13EC3E-999A-4B70-B9CB-2617B8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyng.dll not found.
Registry value HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found.
File C:\Program Files (x86)\Vuze_Remote\tbVuze.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\0x00000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\oledb\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\0x00000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\oledb\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A9007C0-4076-11D3-8789-0000F8105754}\ not found.
File {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3D9F03FA-7A94-11D3-BE81-0050048385D1}\ not found.
File {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32505114-5902-49B2-880A-1F7738E5A384}\ not found.
File {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807553E5-5146-11D5-A672-00B0D022E945}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{807553E5-5146-11D5-A672-00B0D022E945}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry key HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000_Classes\.exe\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2239340465-1001483360-3508777747-1000_Classes\exefile\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
C:\Windows\SysWow64\tmpBA99.tmp deleted successfully.
C:\Windows\SysWow64\tmpBAB9.tmp deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP folder deleted successfully.
C:\Windows\SysNative\SET13B3.tmp deleted successfully.
C:\Windows\SysNative\SET1421.tmp deleted successfully.
C:\Windows\SysNative\SET152D.tmp deleted successfully.
C:\Windows\SysNative\SET25EF.tmp deleted successfully.
C:\Windows\SysNative\SET7C21.tmp deleted successfully.
C:\Windows\SysNative\SET7C70.tmp deleted successfully.
C:\Windows\SysNative\SET7C90.tmp deleted successfully.
C:\Windows\SysNative\SET7CC0.tmp deleted successfully.
C:\Windows\SysNative\SET92EC.tmp deleted successfully.
C:\Windows\SysNative\SET932B.tmp deleted successfully.
C:\Windows\SysNative\SET979F.tmp deleted successfully.
C:\Windows\SysNative\SET97CF.tmp deleted successfully.
C:\Windows\SysNative\SETCD22.tmp deleted successfully.
C:\Windows\SysNative\SETCD51.tmp deleted successfully.
C:\Windows\SysNative\SETCD81.tmp deleted successfully.
C:\Windows\SysNative\SETCDA1.tmp deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000Core.job moved successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:15024E60 deleted successfully.
ADS C:\ProgramData\Temp:734E442A deleted successfully.
ADS C:\ProgramData\Temp:4CF61E54 deleted successfully.
ADS C:\ProgramData\Temp:B88E99C8 deleted successfully.
ADS C:\ProgramData\Temp:A724744F deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RocketDock deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware (reboot) not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce\\17647d not found.
========== FILES ==========
File\Folder C:\Windows\tasks\GoogleUpdateTaskMachineCore.job not found.
File\Folder C:\Windows\tasks\GoogleUpdateTaskMachineUA.job not found.
File\Folder C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000Core.job not found.
File\Folder C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239340465-1001483360-3508777747-1000UA.job not found.
C:\Windows\tasks\nsuttpu.job moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar\Custom Buttons\microsoft.windowslive.translator.btn folder moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar\Custom Buttons\microsoft.windowslive.news.btn folder moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar\Custom Buttons folder moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar\cs-cz folder moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar\cs folder moved successfully.
C:\Program Files (x86)\Windows Live\Toolbar folder moved successfully.
c:\Program Files (x86)\ICQ6Toolbar folder moved successfully.
c:\users\david\documents\icq\573759159\receivedfiles\378157094 dh\Mafia.II.Crackfix-SKIDROW.rar deleted successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: David
->Temp folder emptied: 190577796 bytes
->Temporary Internet Files folder emptied: 133638656 bytes
->Java cache emptied: 6795140 bytes
->FireFox cache emptied: 90498126 bytes
->Google Chrome cache emptied: 364703849 bytes
->Opera cache emptied: 85652211 bytes
->Flash cache emptied: 13442 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 3561204 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2067266 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 122068 bytes
RecycleBin emptied: 2047481608 bytes
Total Files Cleaned = 2 790.00 mb
[EMPTYFLASH]
User: All Users
User: David
->Flash cache emptied: 0 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Guest
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.23.0 log created on 06052011_093239
Files\Folders moved on Reboot...
File\Folder C:\Users\David\AppData\Local\Temp\fz3temp-1\14.5.2011 (další vyjebávky x(( not found!
C:\Users\David\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
Re: preventivka & problém z cpu
Jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: preventivka & problém z cpu
no už to je lepší ale pořád mu jebe, viz zde:
Re: preventivka & problém z cpu
Zkuste smazat jeho cache, pripadne jej odinstalovat - smazat slozku a cista instalace
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?