Dobry vecer,
rad bych poprosil o pomoc s odstranenim vyhledavace Babylon search, ktery se mi i vc. toolbaru do Firefoxu dostal do compu.
Taky se v posledni dobe ponekud zpomalila cinnost PC. Prikladam tedy jeden log na kontrolu..Diky moc !
Logfile of random's system information tool 1.09 (written by random/random)
Run by Vladimir at 2012-03-04 21:14:24
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 70 GB (30%) free of 238 GB
Total RAM: 4094 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:14:26, on 4.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Vladimir.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... 4f6a042bd6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\5.0\pdfforgeToolbarIE.dll
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\5.0\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\5.0\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Vladimir\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Media Finder] "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2196302773-2579179296-1320928725-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2196302773-2579179296-1320928725-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11236 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Windows\System32\PrintDisp.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE"
"C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe" /StartMinimized
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7940244b-27b1-45cf-9e9a-c4949c524098 -SystemEventPortName:HostProcess-6a2f29c7-3e89-42ae-973e-52837a734777 -IoCancelEventPortName:HostProcess-55adbee6-2612-4900-849a-f9c9d0961ab9 -NonStateChangingEventPortName:HostProcess-2a536696-cc6c-46cd-9a44-68a0d6a5b67c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b0a8fc5a-b7d4-41c1-8532-c981403f829b
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3180.13abd990.1061239898 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3180 "\\.\pipe\gecko-crash-server-pipe.3180" plugin
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3180.7dcd5b0.748288664 "C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3180 "\\.\pipe\gecko-crash-server-pipe.3180" plugin
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Vladimir\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default
prefs.js - "browser.startup.homepage" - "http://www.planes.cz/cs/"
prefs.js - "extensions.enabledItems" - "pdfforge@mybrowserbar.com:4.3, wtxpcom@mybrowserbar.com:4.3, {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =302398&p="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732]
"Description"=6.0.12.732
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsILegitCheckPlugin.xpt
nsJSRealPlayerPlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npLegitCheckPlugin.dll
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default\extensions\
engine@conduit.com
ffxtlbr@babylon.com
ffxtlbra@softonic.com
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default\searchplugins\
conduit.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\5.0\pdfforgeToolbarIE.dll [2012-02-06 1074016]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\5.0\pdfforgeToolbarIE.dll [2012-02-06 1074016]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-06-25 7883296]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-06-25 1833504]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2009-08-21 878080]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 2114376]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Google Update"=C:\Users\Vladimir\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-24 136176]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-02-25 740216]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-05 1305408]
"Media Finder"=C:\Program Files (x86)\Media Finder\MF.exe /opentotray []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2007-05-21 124512]
"TkBellExe"=C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [2010-05-30 202256]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe []
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"Garmin Lifetime Updater"=C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe [2012-01-06 1446760]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2012-02-06 934240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Users\Vladimir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-03-04 21:07:30 ----D---- C:\rsit
2012-03-04 21:07:30 ----D---- C:\Program Files\trend micro
2012-02-26 14:57:19 ----D---- C:\Users\Vladimir\AppData\Roaming\Media Finder
2012-02-26 14:56:56 ----D---- C:\Users\Vladimir\AppData\Roaming\Babylon
2012-02-26 14:56:56 ----D---- C:\ProgramData\Babylon
2012-02-20 21:56:42 ----D---- C:\Program Files (x86)\pdfforge Toolbar
2012-02-20 21:56:42 ----D---- C:\Program Files (x86)\Application Updater
2012-02-16 00:20:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-02-16 00:20:35 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-16 00:20:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-02-16 00:20:34 ----A---- C:\Windows\system32\iertutil.dll
2012-02-16 00:20:33 ----A---- C:\Windows\SYSWOW64\url.dll
2012-02-16 00:20:33 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-02-16 00:20:33 ----A---- C:\Windows\system32\url.dll
2012-02-16 00:20:33 ----A---- C:\Windows\system32\jscript9.dll
2012-02-16 00:20:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-02-16 00:20:32 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-02-16 00:20:32 ----A---- C:\Windows\system32\jscript.dll
2012-02-16 00:20:32 ----A---- C:\Windows\system32\ieui.dll
2012-02-16 00:20:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-02-16 00:20:31 ----A---- C:\Windows\system32\urlmon.dll
2012-02-16 00:20:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-02-16 00:20:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-02-16 00:20:29 ----A---- C:\Windows\system32\wininet.dll
2012-02-16 00:20:29 ----A---- C:\Windows\system32\jsproxy.dll
2012-02-16 00:20:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-02-16 00:20:26 ----A---- C:\Windows\system32\mshtml.dll
2012-02-16 00:20:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-02-16 00:20:25 ----A---- C:\Windows\system32\ieframe.dll
2012-02-15 22:03:11 ----A---- C:\Windows\system32\shell32.dll
2012-02-15 22:03:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-02-15 22:03:08 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-02-15 22:03:08 ----A---- C:\Windows\system32\ntshrui.dll
2012-02-15 22:03:06 ----A---- C:\Windows\system32\win32k.sys
2012-02-15 22:03:06 ----A---- C:\Windows\system32\drivers\afd.sys
2012-02-15 22:03:04 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-15 22:03:03 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-02-05 15:58:50 ----D---- C:\Users\Vladimir\AppData\Roaming\AcePlanner
2012-02-05 15:58:47 ----D---- C:\Program Files (x86)\AcePlanner
======List of files/folders modified in the last 1 month======
2012-03-04 21:14:13 ----D---- C:\Windows\Prefetch
2012-03-04 21:14:00 ----D---- C:\Windows\Temp
2012-03-04 21:07:30 ----RD---- C:\Program Files
2012-03-04 20:46:04 ----D---- C:\Windows\system32\config
2012-03-04 20:03:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-03-04 20:03:12 ----D---- C:\Users\Vladimir\AppData\Roaming\uTorrent
2012-03-04 20:01:31 ----D---- C:\ProgramData\NVIDIA
2012-03-04 20:01:18 ----D---- C:\Windows
2012-03-04 02:25:48 ----SHD---- C:\System Volume Information
2012-03-02 22:30:49 ----D---- C:\ProgramData\CanonIJPLM
2012-03-02 20:04:16 ----D---- C:\Windows\system32\Tasks
2012-02-28 22:34:49 ----D---- C:\Users\Vladimir\AppData\Roaming\BSplayer
2012-02-26 20:17:01 ----D---- C:\Windows\SysWOW64
2012-02-26 17:58:44 ----D---- C:\Program Files\Common Files\Nikon
2012-02-26 17:57:33 ----SHD---- C:\Windows\Installer
2012-02-26 17:49:26 ----RD---- C:\Program Files (x86)
2012-02-26 15:43:55 ----HD---- C:\ProgramData
2012-02-26 14:57:02 ----A---- C:\user.js
2012-02-25 19:39:42 ----D---- C:\Program Files (x86)\uTorrent
2012-02-24 19:37:12 ----D---- C:\Windows\debug
2012-02-20 21:56:42 ----D---- C:\Program Files (x86)\Common Files
2012-02-19 12:14:55 ----D---- C:\Windows\Microsoft.NET
2012-02-19 12:14:53 ----RSD---- C:\Windows\assembly
2012-02-16 21:47:28 ----D---- C:\Windows\system32\catroot2
2012-02-16 21:47:19 ----D---- C:\Windows\winsxs
2012-02-16 21:44:28 ----D---- C:\Windows\System32
2012-02-16 21:44:27 ----D---- C:\Windows\system32\drivers
2012-02-16 21:44:26 ----D---- C:\Windows\SYSWOW64\migration
2012-02-16 21:44:26 ----D---- C:\Program Files\Internet Explorer
2012-02-16 21:44:26 ----D---- C:\Program Files (x86)\Internet Explorer
2012-02-16 21:44:25 ----D---- C:\Windows\system32\migration
2012-02-16 00:25:39 ----D---- C:\Windows\inf
2012-02-16 00:25:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-02-16 00:23:28 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-02-16 00:23:01 ----D---- C:\ProgramData\Microsoft Help
2012-02-16 00:21:17 ----A---- C:\Windows\system32\MRT.exe
2012-02-16 00:20:52 ----D---- C:\Windows\system32\catroot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-08 254528]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-06-25 1778592]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 rt61x64;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr6164.sys [2010-04-07 446304]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-30 236544]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-01-08 25640]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-02-06 748440]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 1016936]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-03-16 240232]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-14 136176]
S2 Printer Control;Printer Control; C:\Windows\syswow64\PrintCtrl.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-04-19 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-14 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1255736]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Babylon search
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Babylon search
Zdravim a pekny vecer preji 
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Babylon search
Tak toolbary o Ovladacich panelech nebyly k nalezeni, ale snad jsem je vyhodil pres Nastroje ve Firefoxu. Logy z OTL:
OTL logfile created on: 4.3.2012 21:40:59 - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\Vladimir\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,25% Memory free
8,00 Gb Paging File | 6,26 Gb Available in Paging File | 78,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 68,81 Gb Free Space | 29,55% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 200,08 Gb Free Space | 21,48% Space Free | Partition Type: NTFS
Drive E: | 2,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 14,90 Gb Total Space | 14,90 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive J: | 7,39 Gb Total Space | 6,96 Gb Free Space | 94,15% Space Free | Partition Type: FAT32
Computer Name: VLADIMIROVO-PC | User Name: Vladimir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012.03.04 21:38:51 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Vladimir\Desktop\OTL.exe
PRC - [2012.03.04 20:03:32 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.06 16:30:00 | 001,446,760 | ---- | M] (Garmin) -- C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2011.05.21 05:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.01.05 10:09:52 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.11.20 13:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.05.30 13:25:08 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.03.16 01:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.06.04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.01.22 09:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.05.21 00:37:36 | 000,124,512 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
========== Modules (No Company Name) ==========
MOD - [2012.03.04 20:03:32 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.02.18 17:32:23 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\35b997b2652f8f564b062e6a6e59055f\System.Xml.Linq.ni.dll
MOD - [2012.02.18 17:32:22 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b74e1ad9110a39851b12cb46b3954163\System.Xaml.ni.dll
MOD - [2012.02.16 00:27:42 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\bdf555b4cfed144a3b0b60e0308cbf2b\PresentationFramework.ni.dll
MOD - [2012.02.16 00:27:29 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\37cfa5ae8473995db30414fa29167c28\PresentationCore.ni.dll
MOD - [2012.02.16 00:27:28 | 013,138,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\edfa0f31cc4950e16011ecb549f553f7\System.Windows.Forms.ni.dll
MOD - [2012.02.16 00:27:24 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b6ac99f2787a9a672d7a696ef25588ee\System.Core.ni.dll
MOD - [2012.02.16 00:27:22 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a588133985ef7510d4cc8cc7924f8ec3\System.Xml.ni.dll
MOD - [2012.02.16 00:27:21 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9d5b252266a6084a611b2be84fac9e1c\System.Drawing.ni.dll
MOD - [2012.02.16 00:27:20 | 003,857,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\6be8cdc102f384653338279eff1f78fd\WindowsBase.ni.dll
MOD - [2012.02.16 00:27:19 | 000,736,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\f7ddf9585d0b4b46437dc07b50955b64\System.Security.ni.dll
MOD - [2012.02.16 00:27:18 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9dbdf77b1208ccfea1b67b50084c3f1a\PresentationFramework.Aero.ni.dll
MOD - [2012.02.16 00:27:17 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9c4788acc8f93c33214865395cee2e1c\System.ni.dll
MOD - [2011.10.15 17:27:29 | 014,407,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.04.27 16:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011.04.27 16:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.06.16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Stopped] -- C:\Windows\SysNative\PrintCtrl.exe -- (Printer Control)
SRV - [2011.05.21 05:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.16 01:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.01.22 09:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007.05.31 09:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.04.27 14:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.08 14:30:28 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.04.07 11:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)
DRV:64bit: - [2009.07.30 12:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 17:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV - [2012.01.08 12:07:15 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... 4f6a042bd6
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7B C2 F4 AC F5 37 CB 01 [binary data]
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTe ... 4f6a042bd6
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{59762C52-BB74-41F4-95AF-429DD951DC03}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12"
FF - prefs.js..browser.startup.homepage: "http://www.planes.cz/cs/"
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =302398&p="
FF - prefs.js..network.proxy.backup.ftp: "10.138.1.3"
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.gopher: "10.138.1.3"
FF - prefs.js..network.proxy.backup.gopher_port: 80
FF - prefs.js..network.proxy.backup.socks: "10.138.1.3"
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "10.138.1.3"
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..network.proxy.type: 1
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vladimir\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vladimir\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.04 20:03:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.06.18 09:54:27 | 000,000,000 | ---D | M]
[2010.04.19 14:37:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vladimir\AppData\Roaming\Mozilla\Extensions
[2012.03.04 21:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default\extensions
[2011.08.28 18:16:27 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011.05.25 15:15:26 | 000,000,923 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default\searchplugins\conduit.xml
[2011.12.20 19:09:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.03.04 20:03:33 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.26 14:56:57 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.03.04 20:03:27 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.03.04 20:03:27 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.04.01 17:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2012.03.04 20:03:27 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.03.04 20:03:27 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.03.04 20:03:27 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vladimir\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vladimir\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vladimir\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000..\Run: [Media Finder] "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray File not found
O4 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Vladimir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78192418-F86C-41C1-8AE6-0E699FCECFC9}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A5B847C-6C5E-4EAD-872C-5234710AF95C}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3a321fdb-3cd9-11e0-9d68-6cf049029681}\Shell - "" = AutoRun
O33 - MountPoints2\{3a321fdb-3cd9-11e0-9d68-6cf049029681}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.03.04 21:39:10 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\Vladimir\Desktop\OTL.exe
[2012.03.04 21:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.03.04 21:07:30 | 000,000,000 | ---D | C] -- C:\rsit
[2012.02.28 22:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
========== Files - Modified Within 7 Days ==========
[2012.03.04 21:42:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.03.04 21:42:00 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.04 21:42:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.04 21:38:51 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Vladimir\Desktop\OTL.exe
[2012.03.04 20:53:00 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000UA.job
[2012.03.04 20:11:34 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.04 20:11:34 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.04 20:01:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.04 20:01:14 | 3220,013,056 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.02 22:06:05 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000Core.job
[2012.02.28 22:57:27 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\BS.Player FREE.lnk
[2012.02.28 22:34:50 | 000,001,126 | ---- | M] () -- C:\Users\Vladimir\Desktop\BS.Player FREE.lnk
========== Files Created - No Company Name ==========
[2012.03.04 21:42:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.02.28 22:57:27 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\BS.Player FREE.lnk
[2011.12.29 17:02:11 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Configure Folder Actions
[2011.12.29 17:02:11 | 000,000,268 | RH-- | C] () -- C:\Users\Vladimir\AppData\Roaming\Common
[2011.12.29 17:02:11 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLck.DAT
[2011.12.29 17:02:11 | 000,000,012 | RH-- | C] () -- C:\ProgramData\InkjetPrinter
[2011.10.25 21:08:59 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2011.09.28 12:16:03 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011.01.05 23:10:30 | 001,503,618 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.07 11:33:05 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2010.11.02 22:45:09 | 000,000,000 | ---- | C] () -- C:\Users\Vladimir\AppData\Roaming\Components
[2010.11.02 22:39:30 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2010.05.30 13:26:47 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.04.19 14:36:56 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.04.15 19:17:53 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
========== LOP Check ==========
[2012.02.05 15:58:54 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\AcePlanner
[2011.06.11 17:32:39 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Ashampoo
[2012.02.26 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Babylon
[2012.02.28 22:34:49 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\BSplayer
[2010.04.19 19:24:08 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\BSplayer Pro
[2011.10.25 21:09:05 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\CAD-KAS
[2011.12.28 17:51:37 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\calibre
[2012.01.08 12:04:01 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Canon
[2011.01.08 14:39:20 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\DAEMON Tools Lite
[2011.12.12 23:38:05 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\GARMIN
[2011.05.21 18:19:48 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\GHISLER
[2010.11.07 11:32:23 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Iceni
[2012.02.26 15:15:08 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Media Finder
[2010.04.22 19:06:15 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\NeatImage PS
[2010.04.20 22:31:15 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\NeatImage SL
[2011.07.20 19:17:46 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Nikon
[2010.12.15 21:54:39 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Opera
[2012.03.04 20:03:12 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\uTorrent
[2011.10.25 21:26:40 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\YCanPDF
[2012.01.17 23:05:19 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Zoner
[2011.12.06 15:17:16 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
OTL logfile created on: 4.3.2012 21:40:59 - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\Vladimir\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,25% Memory free
8,00 Gb Paging File | 6,26 Gb Available in Paging File | 78,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 68,81 Gb Free Space | 29,55% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 200,08 Gb Free Space | 21,48% Space Free | Partition Type: NTFS
Drive E: | 2,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 14,90 Gb Total Space | 14,90 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive J: | 7,39 Gb Total Space | 6,96 Gb Free Space | 94,15% Space Free | Partition Type: FAT32
Computer Name: VLADIMIROVO-PC | User Name: Vladimir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012.03.04 21:38:51 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Vladimir\Desktop\OTL.exe
PRC - [2012.03.04 20:03:32 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.06 16:30:00 | 001,446,760 | ---- | M] (Garmin) -- C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2011.05.21 05:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.01.05 10:09:52 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.11.20 13:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.05.30 13:25:08 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.03.16 01:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.06.04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.01.22 09:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.05.21 00:37:36 | 000,124,512 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
========== Modules (No Company Name) ==========
MOD - [2012.03.04 20:03:32 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.02.18 17:32:23 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\35b997b2652f8f564b062e6a6e59055f\System.Xml.Linq.ni.dll
MOD - [2012.02.18 17:32:22 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b74e1ad9110a39851b12cb46b3954163\System.Xaml.ni.dll
MOD - [2012.02.16 00:27:42 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\bdf555b4cfed144a3b0b60e0308cbf2b\PresentationFramework.ni.dll
MOD - [2012.02.16 00:27:29 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\37cfa5ae8473995db30414fa29167c28\PresentationCore.ni.dll
MOD - [2012.02.16 00:27:28 | 013,138,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\edfa0f31cc4950e16011ecb549f553f7\System.Windows.Forms.ni.dll
MOD - [2012.02.16 00:27:24 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b6ac99f2787a9a672d7a696ef25588ee\System.Core.ni.dll
MOD - [2012.02.16 00:27:22 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a588133985ef7510d4cc8cc7924f8ec3\System.Xml.ni.dll
MOD - [2012.02.16 00:27:21 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9d5b252266a6084a611b2be84fac9e1c\System.Drawing.ni.dll
MOD - [2012.02.16 00:27:20 | 003,857,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\6be8cdc102f384653338279eff1f78fd\WindowsBase.ni.dll
MOD - [2012.02.16 00:27:19 | 000,736,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\f7ddf9585d0b4b46437dc07b50955b64\System.Security.ni.dll
MOD - [2012.02.16 00:27:18 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9dbdf77b1208ccfea1b67b50084c3f1a\PresentationFramework.Aero.ni.dll
MOD - [2012.02.16 00:27:17 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9c4788acc8f93c33214865395cee2e1c\System.ni.dll
MOD - [2011.10.15 17:27:29 | 014,407,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.04.27 16:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011.04.27 16:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.06.16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Stopped] -- C:\Windows\SysNative\PrintCtrl.exe -- (Printer Control)
SRV - [2011.05.21 05:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.16 01:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.01.22 09:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007.05.31 09:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.04.27 14:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.08 14:30:28 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.04.07 11:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)
DRV:64bit: - [2009.07.30 12:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 17:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV - [2012.01.08 12:07:15 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... 4f6a042bd6
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7B C2 F4 AC F5 37 CB 01 [binary data]
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTe ... 4f6a042bd6
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{59762C52-BB74-41F4-95AF-429DD951DC03}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029
IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12"
FF - prefs.js..browser.startup.homepage: "http://www.planes.cz/cs/"
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =302398&p="
FF - prefs.js..network.proxy.backup.ftp: "10.138.1.3"
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.gopher: "10.138.1.3"
FF - prefs.js..network.proxy.backup.gopher_port: 80
FF - prefs.js..network.proxy.backup.socks: "10.138.1.3"
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "10.138.1.3"
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..network.proxy.type: 1
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vladimir\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vladimir\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.04 20:03:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.06.18 09:54:27 | 000,000,000 | ---D | M]
[2010.04.19 14:37:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vladimir\AppData\Roaming\Mozilla\Extensions
[2012.03.04 21:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default\extensions
[2011.08.28 18:16:27 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011.05.25 15:15:26 | 000,000,923 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default\searchplugins\conduit.xml
[2011.12.20 19:09:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.03.04 20:03:33 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.26 14:56:57 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.03.04 20:03:27 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.03.04 20:03:27 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.04.01 17:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2012.03.04 20:03:27 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.03.04 20:03:27 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.03.04 20:03:27 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vladimir\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vladimir\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vladimir\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000..\Run: [Media Finder] "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray File not found
O4 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Vladimir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78192418-F86C-41C1-8AE6-0E699FCECFC9}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A5B847C-6C5E-4EAD-872C-5234710AF95C}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3a321fdb-3cd9-11e0-9d68-6cf049029681}\Shell - "" = AutoRun
O33 - MountPoints2\{3a321fdb-3cd9-11e0-9d68-6cf049029681}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.03.04 21:39:10 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\Vladimir\Desktop\OTL.exe
[2012.03.04 21:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.03.04 21:07:30 | 000,000,000 | ---D | C] -- C:\rsit
[2012.02.28 22:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
========== Files - Modified Within 7 Days ==========
[2012.03.04 21:42:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.03.04 21:42:00 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.04 21:42:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.04 21:38:51 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Vladimir\Desktop\OTL.exe
[2012.03.04 20:53:00 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000UA.job
[2012.03.04 20:11:34 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.04 20:11:34 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.04 20:01:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.04 20:01:14 | 3220,013,056 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.02 22:06:05 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000Core.job
[2012.02.28 22:57:27 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\BS.Player FREE.lnk
[2012.02.28 22:34:50 | 000,001,126 | ---- | M] () -- C:\Users\Vladimir\Desktop\BS.Player FREE.lnk
========== Files Created - No Company Name ==========
[2012.03.04 21:42:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.02.28 22:57:27 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\BS.Player FREE.lnk
[2011.12.29 17:02:11 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Configure Folder Actions
[2011.12.29 17:02:11 | 000,000,268 | RH-- | C] () -- C:\Users\Vladimir\AppData\Roaming\Common
[2011.12.29 17:02:11 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLck.DAT
[2011.12.29 17:02:11 | 000,000,012 | RH-- | C] () -- C:\ProgramData\InkjetPrinter
[2011.10.25 21:08:59 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2011.09.28 12:16:03 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011.01.05 23:10:30 | 001,503,618 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.07 11:33:05 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2010.11.02 22:45:09 | 000,000,000 | ---- | C] () -- C:\Users\Vladimir\AppData\Roaming\Components
[2010.11.02 22:39:30 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2010.05.30 13:26:47 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.04.19 14:36:56 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.04.15 19:17:53 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
========== LOP Check ==========
[2012.02.05 15:58:54 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\AcePlanner
[2011.06.11 17:32:39 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Ashampoo
[2012.02.26 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Babylon
[2012.02.28 22:34:49 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\BSplayer
[2010.04.19 19:24:08 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\BSplayer Pro
[2011.10.25 21:09:05 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\CAD-KAS
[2011.12.28 17:51:37 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\calibre
[2012.01.08 12:04:01 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Canon
[2011.01.08 14:39:20 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\DAEMON Tools Lite
[2011.12.12 23:38:05 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\GARMIN
[2011.05.21 18:19:48 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\GHISLER
[2010.11.07 11:32:23 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Iceni
[2012.02.26 15:15:08 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Media Finder
[2010.04.22 19:06:15 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\NeatImage PS
[2010.04.20 22:31:15 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\NeatImage SL
[2011.07.20 19:17:46 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Nikon
[2010.12.15 21:54:39 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Opera
[2012.03.04 20:03:12 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\uTorrent
[2011.10.25 21:26:40 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\YCanPDF
[2012.01.17 23:05:19 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Zoner
[2011.12.06 15:17:16 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
Re: Babylon search
..pokracovani:
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.04.09 12:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2010.04.09 08:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6b986fcefc4ddf45d2c157ae08ee07e4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6b986fcefc4ddf45d2c157ae08ee07e4\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e2ae778f2037152039ec560f0abd6f3e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e2ae778f2037152039ec560f0abd6f3e\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
[3 C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.02.05 15:58:54 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\AcePlanner
[2012.01.20 00:03:56 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Adobe
[2011.06.11 17:32:39 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Ashampoo
[2010.11.07 11:32:23 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Aspell
[2012.02.26 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Babylon
[2012.02.28 22:34:49 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\BSplayer
[2010.04.19 19:24:08 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\BSplayer Pro
[2011.10.25 21:09:05 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\CAD-KAS
[2011.12.28 17:51:37 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\calibre
[2012.01.08 12:04:01 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Canon
[2011.01.08 14:39:20 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\DAEMON Tools Lite
[2011.12.12 23:38:05 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\GARMIN
[2011.05.21 18:19:48 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\GHISLER
[2010.11.07 11:32:23 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Iceni
[2010.04.15 19:16:22 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Identities
[2010.04.15 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\InstallShield
[2011.05.21 18:42:00 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Macromedia
[2009.07.14 16:36:58 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Media Center Programs
[2012.02.26 15:15:08 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Media Finder
[2011.12.23 21:49:06 | 000,000,000 | --SD | M] -- C:\Users\Vladimir\AppData\Roaming\Microsoft
[2010.04.19 14:37:21 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Mozilla
[2010.04.22 19:06:15 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\NeatImage PS
[2010.04.20 22:31:15 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\NeatImage SL
[2011.07.20 19:17:46 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Nikon
[2011.02.06 21:45:15 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\NVIDIA
[2010.12.15 21:54:39 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Opera
[2010.11.13 18:21:06 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Real
[2012.03.04 20:03:12 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\uTorrent
[2010.05.10 20:35:23 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\WinRAR
[2011.10.25 21:26:40 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\YCanPDF
[2012.01.17 23:05:19 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2009.08.11 20:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 20:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 13:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 16:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2010.02.01 02:45:40 | 000,038,784 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.12.29 17:01:26 | 000,061,440 | R--- | M] (Acresso Software Inc.) -- C:\Users\Vladimir\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
[2011.07.20 21:17:57 | 000,022,486 | R--- | M] () -- C:\Users\Vladimir\AppData\Roaming\Microsoft\Installer\{36132C2B-4043-46F6-982A-E1D2A8B3F18D}\_B8C4224A7AD79964FE0E8C.exe
[2010.11.02 22:41:58 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Vladimir\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
[2010.11.07 21:38:54 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Vladimir\AppData\Roaming\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
[2010.12.14 21:47:19 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Vladimir\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.01.30 11:16:58 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Vladimir\AppData\Roaming\Real\Update\setup3.14\setup.exe
[2012.02.18 22:35:05 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Vladimir\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.01\rnupgagent.exe
[2011.01.03 15:30:14 | 000,054,272 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\uTorrent\apps\VirusGuard\VirusGuard.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.03.04 21:42:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.03.04 21:42:00 | 000,000,956 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.03.04 21:53:06 | 000,000,922 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000Core.job
[2012.03.04 21:53:02 | 000,000,974 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Vladimir\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.04.24 21:06:51 | 000,136,176 | ---- | M] (Google Inc.)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED -- [2012.02.25 19:39:40 | 000,740,216 | ---- | M] (BitTorrent, Inc.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.05 10:09:52 | 001,305,408 | ---- | M] (DT Soft Ltd)
"Media Finder" = "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.03.04 20:03:32 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=5AC757AE411CBC603C33C85F81F8657D -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.07.12 18:52:20 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.03.04 21:42:38 | 000,000,512 | ---- | M] () MD5=E5BEDDE9473EB7CF93180A02DB7C16D6 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.11.09 08:49:48 | 040,868,256 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\Common\mp_cracked.ff
[2010.11.09 08:49:48 | 000,019,296 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\English\en_mp_cracked.ff
[2005.10.13 21:40:54 | 000,096,893 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Crack.exe
[2005.08.30 14:13:16 | 000,003,556 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Content\Reference\PHP\CrackF.html
[2011.02.06 19:19:09 | 000,287,032 | ---- | M] () -- \Users\Vladimir\AppData\Roaming\uTorrent\[PC Game-Multi3]Medal of Honor(2010)Crack Repack.torrent
[2008.11.02 14:45:08 | 000,630,118 | ---- | M] () -- \Users\Vladimir\Desktop\HTC\Spb_Mobile_DVD_v1.2.5.119-CRACK.zip
[2011.02.06 19:23:29 | 020,002,160 | ---- | M] () -- \Users\Vladimir\Downloads\[PC Game-Multi3]Medal of Honor(2010)Crack Repack\CRACK\MOH_CRACK.zip
[2010.01.01 12:01:10 | 000,459,907 | ---- | M] () -- \Users\Vladimir\Downloads\Nikon.Capture.NX.v2.2.4-BEAN\crack.rar
< *keygen* /s >
[2005.08.30 14:13:12 | 000,013,367 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Content\Reference\HTML\KEYGEN.html
[2012.01.17 22:53:17 | 000,014,434 | ---- | M] () -- \Users\Vladimir\AppData\Roaming\uTorrent\Zoner.Photo.Studio.Pro.v14.0.1.4.+keygen.torrent
[2007.05.26 22:57:06 | 000,093,184 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\keygen\keygen.exe
[2009.11.07 14:39:22 | 000,237,056 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Power CD DVD Recovery v2.1.1 Keygen AT4RE\keygen.exe
< *loader* /s >
[2005.03.24 12:51:08 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\en\_media\rssloader.swf
[2007.10.22 14:35:34 | 000,011,916 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS2\Plug-Ins\NoiseNinjaPlugin_Win32\doc\auto_loader.htm
[2011.12.22 19:19:40 | 000,044,032 | R--- | M] () -- \Program Files (x86)\Calibre2\DLLs\PyISAPI_loader.dll
[2005.03.16 18:16:50 | 000,113,664 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.10.10 18:02:42 | 000,132,096 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\Binaries\loader.dll
[2010.09.02 04:45:20 | 000,065,536 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\Binaries\PhysXLocal\PhysXLoader.dll
[2010.09.25 12:33:10 | 001,933,161 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp\loader-00.fbrb
[2010.09.25 12:33:11 | 005,968,346 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_01\loader-00.fbrb
[2010.09.25 12:33:12 | 005,755,952 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_02\loader-00.fbrb
[2010.09.25 12:33:19 | 055,099,465 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_03\loader-00.fbrb
[2010.09.25 12:33:19 | 002,954,487 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_04\loader-00.fbrb
[2010.09.25 12:33:25 | 047,101,846 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_05\loader-00.fbrb
[2010.09.25 12:33:32 | 050,561,194 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_06\loader-00.fbrb
[2010.09.25 12:33:39 | 055,282,402 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_07\loader-00.fbrb
[2010.09.25 12:33:46 | 049,203,256 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_08\loader-00.fbrb
[2010.09.25 12:33:52 | 047,279,340 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_09\loader-00.fbrb
[2010.09.25 12:33:59 | 049,418,362 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_10\loader-00.fbrb
[2010.09.25 12:28:14 | 017,474,214 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_01\loader-00.fbrb
[2010.09.25 12:28:19 | 016,173,085 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_02\loader-00.fbrb
[2010.09.25 12:28:28 | 017,335,818 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_04\loader-00.fbrb
[2010.09.25 12:28:31 | 008,013,580 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_domination\loader-00.fbrb
[2010.09.25 12:28:32 | 008,013,580 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_overrun\loader-00.fbrb
[2010.09.25 12:28:33 | 008,007,355 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_tdm\loader-00.fbrb
[2010.09.25 12:28:35 | 008,004,561 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_domination\loader-00.fbrb
[2010.09.25 12:28:36 | 008,004,561 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_overrun\loader-00.fbrb
[2010.09.25 12:28:37 | 007,984,585 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_tdm\loader-00.fbrb
[2010.09.25 12:28:38 | 008,008,365 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_domination\loader-00.fbrb
[2010.09.25 12:28:38 | 008,008,365 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_overrun\loader-00.fbrb
[2010.09.25 12:28:41 | 008,022,594 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_tdm\loader-00.fbrb
[2010.09.25 12:28:42 | 007,967,707 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_domination\loader-00.fbrb
[2010.09.25 12:28:45 | 007,967,707 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_overrun\loader-00.fbrb
[2010.09.25 12:28:46 | 007,988,318 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_tdm\loader-00.fbrb
[2010.09.25 12:28:46 | 008,033,103 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_domination\loader-00.fbrb
[2010.09.25 12:28:48 | 008,033,103 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_overrun\loader-00.fbrb
[2010.09.25 12:28:49 | 008,018,170 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_tdm\loader-00.fbrb
[2005.08.30 14:12:58 | 000,056,807 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Commands\FLVFileLoader.swf
[2005.08.30 14:13:18 | 000,000,681 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\dynswfloader.swf
[2005.08.30 14:13:18 | 000,008,203 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\testing_dynswfloader.swf
[2005.08.30 14:13:30 | 001,040,384 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\JSExtensions\swfloader.dll
[2006.08.16 04:25:58 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue.dds
[2006.08.16 04:25:58 | 000,262,272 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_bump.dds
[2006.08.16 04:26:00 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_lm.dds
[2006.08.16 04:26:00 | 000,349,648 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_specular.dds
[2006.08.16 04:26:04 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderGrey.dds
[2006.08.16 04:26:04 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderGrey_lm.dds
[2006.09.04 21:21:28 | 000,301,367 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\GroundVehicles\VEH_Air_BagLoaderBlue\model\VEH_Air_BagLoaderBlue.mdl
[2006.09.04 21:21:30 | 000,301,815 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\GroundVehicles\VEH_Air_BagLoaderGrey\model\VEH_Air_BagLoaderGrey.mdl
[2010.01.29 05:43:52 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2010.01.29 05:54:10 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2010.03.15 10:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011.12.06 13:06:24 | 000,429,568 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2011.12.06 13:06:40 | 000,444,416 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 17:09:04 | 000,194,048 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2011.12.19 16:12:24 | 000,102,792 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2011.12.19 16:12:36 | 000,016,776 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\WICLoader.exe
[2011.12.19 16:13:26 | 000,019,336 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program64\WICLoader.exe
[2010.05.30 13:25:49 | 000,001,399 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2010.05.30 13:25:49 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2010.05.30 13:25:49 | 000,001,399 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2010.05.30 13:25:49 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2005.08.30 14:13:18 | 000,000,681 | ---- | M] () -- \Users\Vladimir\AppData\Roaming\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\dynswfloader.swf
[2005.08.30 14:13:18 | 000,008,203 | ---- | M] () -- \Users\Vladimir\AppData\Roaming\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\testing_dynswfloader.swf
[2003.08.27 16:32:14 | 000,002,459 | ---- | M] () -- \Users\Vladimir\AppData\Roaming\Macromedia\Dreamweaver 8\Configuration\Temp\FlashElements\ImageViewer\mx.controls.Loader.asi
[2009.06.01 20:46:56 | 000,000,506 | -HS- | M] () -- \Users\Vladimir\Documents\downloads_sw\USDownloader.exe.manifest
[2009.03.27 17:20:48 | 000,015,737 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ara.lng
[2009.06.01 20:48:29 | 000,017,759 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.bul.lng
[2007.06.14 13:02:10 | 000,018,268 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.cat.lng
[2008.09.10 21:55:24 | 000,013,529 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.chs.lng
[2009.06.15 19:32:22 | 000,016,996 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.cze.lng
[2008.08.07 16:54:58 | 000,017,527 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.de.lng
[2008.06.27 14:06:52 | 000,017,786 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.du.lng
[2007.06.14 13:03:14 | 000,017,427 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ell.lng
[2008.06.24 22:56:06 | 000,016,557 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.eng.lng
[2009.02.02 13:30:30 | 000,016,371 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.est.lng
[2008.04.20 00:05:08 | 000,019,089 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.fre.lng
[2008.10.23 10:12:58 | 000,017,548 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.gal.lng
[2008.11.22 15:49:18 | 000,019,443 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.hu.lng
[2007.06.19 12:48:14 | 000,017,335 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.it.lng
[2008.07.02 12:35:08 | 000,016,525 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.lit.lng
[2009.06.01 20:48:30 | 000,018,195 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.lv.lng
[2007.12.16 03:50:52 | 000,016,839 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.nor.lng
[2008.03.13 14:46:26 | 000,016,695 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.pl.lng
[2007.06.18 21:11:58 | 000,017,909 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ptbr.lng
[2008.11.19 16:13:38 | 000,017,758 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ro.lng
[2007.07.26 11:58:28 | 000,013,780 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.rus.lng
[2008.06.27 22:56:08 | 000,016,918 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ser.lng
[2007.11.20 10:44:34 | 000,016,760 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.sk.lng
[2008.12.22 11:21:12 | 000,018,346 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.spa.lng
[2009.06.01 20:48:31 | 000,016,308 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.swe.lng
[2009.06.01 20:48:31 | 000,017,057 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.thai.lng
[2008.07.04 09:59:50 | 000,017,726 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.tr.lng
[2008.05.06 00:41:22 | 000,013,624 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.tw.lng
[2007.06.14 13:05:38 | 000,017,043 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ukr.lng
[2009.03.20 17:41:36 | 000,034,304 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Plugins\SexUploader.plg
[2010.04.19 14:28:04 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.06.20 21:48:43 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.06.20 21:48:43 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.06.20 21:48:44 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.06.20 21:48:44 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.06.20 21:48:45 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
Extras:
OTL Extras logfile created on: 4.3.2012 21:40:59 - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\Vladimir\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,25% Memory free
8,00 Gb Paging File | 6,26 Gb Available in Paging File | 78,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 68,81 Gb Free Space | 29,55% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 200,08 Gb Free Space | 21,48% Space Free | Partition Type: NTFS
Drive E: | 2,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 14,90 Gb Total Space | 14,90 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive J: | 7,39 Gb Total Space | 6,96 Gb Free Space | 94,15% Space Free | Partition Type: FAT32
Computer Name: VLADIMIROVO-PC | User Name: Vladimir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{11953C65-BB4E-4CA4-B0F0-2600A4B20040}" = Picture Control Utility x64
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP980_series" = Canon MP980 series MP Drivers
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{38FA7C5F-914D-4725-ACF2-2FD940AD0BF9}" = Adobe Photoshop Lightroom 2.1 64-bit
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}" = Garmin Lifetime Updater
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{36132C2B-4043-46F6-982A-E1D2A8B3F18D}" = Watermark
"{3C19E918-13AF-4C57-B50D-8C3738EFCABF}" = TOPO Czech 2010
"{41357C72-23AD-440C-9538-3350AF076253}" = calibre
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F50C25D-9236-42EE-86A4-F0BC39A543AE}" = TOPO Czech 3 PRO
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{66D6418E-466C-4567-B4E8-2CB29F5566DE}" = Adresy CR v1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A4D77A09-10EA-4574-8C09-9B6E1A21C95F}" = Virus Guard - powered by BitDefender
"{A89768CF-CD21-44FD-A723-16D5A8557415}" = NEF Codec
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{D02220CE-1475-4F0F-9F12-251161999D53}" = Garmin MapSource
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{DB53DDFA-C370-4B07-B631-217CDBA74FDE}" = XHD B09.0714.01
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"43442AE9-6512-4392-B5DD-9167BECD1114_is1" = Infix 4.18
"AcePlanner" = AcePlanner 1.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"ArmA 2" = ArmA 2 Uninstall
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"BattlEye" = BattlEye Uninstall
"BSPlayerf" = BS.Player FREE
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"McAfee Security Scan" = McAfee Security Scan Plus
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox 10.0.2 (x86 cs)" = Mozilla Firefox 10.0.2 (x86 cs)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Neat Image_is1" = Neat Image v6.0 Pro+
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"RealPlayer 12.0" = RealPlayer
"Registrace uživatele zařízení Canon MP980 series" = Registrace uživatele zařízení Canon MP980 series
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.2.2012 12:52:17 | Computer Name = Vladimirovo-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Capture NX 2.exe, verze: 2.3.0.0, časové
razítko: 0x4ec99649 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.17651,
časové razítko: 0x4e211319 Kód výjimky: 0xe0434352 Posun chyby: 0x0000b9bc ID chybujícího
procesu: 0x12ac Čas spuštění chybující aplikace: 0x01ccf4a6ff8b7339 Cesta k chybující
aplikaci: C:\Users\Vladimir\Downloads\Nikon.Capture.NX.v2.3.0-BEAN\crack\Capture
NX 2.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy:
3d686d47-609a-11e1-9a38-6cf049029681
Error - 26.2.2012 12:56:45 | Computer Name = Vladimirovo-PC | Source = NtServicePack | ID = 921877
Description =
Error - 26.2.2012 12:56:50 | Computer Name = Vladimirovo-PC | Source = Windows Installer 3.1 | ID = 921877
Description =
Error - 27.2.2012 17:29:24 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.
Error - 27.2.2012 17:30:05 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 27.2.2012 18:05:14 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.
Error - 27.2.2012 18:05:16 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 3.3.2012 21:09:44 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.
Error - 3.3.2012 21:10:17 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 4.3.2012 16:13:52 | Computer Name = Vladimirovo-PC | Source = Application Hang | ID = 1002
Description = Program RSITx64.exe verze 3.3.6.1 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
e70 Čas spuštění: 01ccfa426ca5f732 Čas ukončení: 3 Cesta k aplikaci: C:\Users\Vladimir\Downloads\RSITx64.exe
ID
hlášení:
[ Media Center Events ]
Error - 21.5.2010 18:08:22 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 0:08:21 - Chyba při připojování k Internetu 0:08:21 - Nelze kontaktovat
server..
Error - 30.5.2010 16:15:48 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 22:15:48 - Chyba při připojování k Internetu 22:15:48 - Nelze kontaktovat
server..
Error - 30.5.2010 16:17:19 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 22:17:13 - Chyba při připojování k Internetu 22:17:13 - Nelze kontaktovat
server..
Error - 30.5.2010 17:18:19 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 23:18:19 - Načtení položky Directory se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při příjmu.)
Error - 7.6.2010 15:22:34 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 21:22:33 - Chyba při připojování k Internetu 21:22:34 - Nelze kontaktovat
server..
Error - 7.6.2010 15:23:53 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 21:23:45 - Chyba při připojování k Internetu 21:23:45 - Nelze kontaktovat
server..
Error - 20.10.2010 12:32:05 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 18:32:05 - Chyba při připojování k Internetu 18:32:05 - Nelze kontaktovat
server..
Error - 20.10.2010 12:33:21 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 18:33:17 - Chyba při připojování k Internetu 18:33:17 - Nelze kontaktovat
server..
Error - 1.11.2010 14:55:24 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 19:55:23 - Chyba při připojování k Internetu 19:55:24 - Nelze kontaktovat
server..
Error - 1.11.2010 14:55:52 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 19:55:45 - Chyba při připojování k Internetu 19:55:45 - Nelze kontaktovat
server..
[ System Events ]
Error - 27.2.2012 16:11:53 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7000
Description = Služba Printer Control neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 27.2.2012 18:50:24 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7016
Description = Služba NVIDIA Stereoscopic 3D Driver Service ohlásila neplatný současný
stav 0.
Error - 28.2.2012 16:54:59 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7000
Description = Služba Printer Control neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 28.2.2012 18:35:56 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7016
Description = Služba NVIDIA Stereoscopic 3D Driver Service ohlásila neplatný současný
stav 0.
Error - 2.3.2012 15:03:41 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7000
Description = Služba Printer Control neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 2.3.2012 17:30:52 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7016
Description = Služba NVIDIA Stereoscopic 3D Driver Service ohlásila neplatný současný
stav 0.
Error - 3.3.2012 18:15:05 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7000
Description = Služba Printer Control neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 4.3.2012 7:35:08 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7016
Description = Služba NVIDIA Stereoscopic 3D Driver Service ohlásila neplatný současný
stav 0.
Error - 4.3.2012 15:01:30 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7000
Description = Služba Printer Control neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 4.3.2012 16:31:50 | Computer Name = Vladimirovo-PC | Source = DCOM | ID = 10010
Description =
< End of report >
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.04.09 12:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2010.04.09 08:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6b986fcefc4ddf45d2c157ae08ee07e4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6b986fcefc4ddf45d2c157ae08ee07e4\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e2ae778f2037152039ec560f0abd6f3e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e2ae778f2037152039ec560f0abd6f3e\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
[3 C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.02.05 15:58:54 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\AcePlanner
[2012.01.20 00:03:56 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Adobe
[2011.06.11 17:32:39 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Ashampoo
[2010.11.07 11:32:23 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Aspell
[2012.02.26 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Babylon
[2012.02.28 22:34:49 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\BSplayer
[2010.04.19 19:24:08 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\BSplayer Pro
[2011.10.25 21:09:05 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\CAD-KAS
[2011.12.28 17:51:37 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\calibre
[2012.01.08 12:04:01 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Canon
[2011.01.08 14:39:20 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\DAEMON Tools Lite
[2011.12.12 23:38:05 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\GARMIN
[2011.05.21 18:19:48 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\GHISLER
[2010.11.07 11:32:23 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Iceni
[2010.04.15 19:16:22 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Identities
[2010.04.15 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\InstallShield
[2011.05.21 18:42:00 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Macromedia
[2009.07.14 16:36:58 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Media Center Programs
[2012.02.26 15:15:08 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Media Finder
[2011.12.23 21:49:06 | 000,000,000 | --SD | M] -- C:\Users\Vladimir\AppData\Roaming\Microsoft
[2010.04.19 14:37:21 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Mozilla
[2010.04.22 19:06:15 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\NeatImage PS
[2010.04.20 22:31:15 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\NeatImage SL
[2011.07.20 19:17:46 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Nikon
[2011.02.06 21:45:15 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\NVIDIA
[2010.12.15 21:54:39 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Opera
[2010.11.13 18:21:06 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Real
[2012.03.04 20:03:12 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\uTorrent
[2010.05.10 20:35:23 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\WinRAR
[2011.10.25 21:26:40 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\YCanPDF
[2012.01.17 23:05:19 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2009.08.11 20:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 20:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 13:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 16:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2010.02.01 02:45:40 | 000,038,784 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.12.29 17:01:26 | 000,061,440 | R--- | M] (Acresso Software Inc.) -- C:\Users\Vladimir\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
[2011.07.20 21:17:57 | 000,022,486 | R--- | M] () -- C:\Users\Vladimir\AppData\Roaming\Microsoft\Installer\{36132C2B-4043-46F6-982A-E1D2A8B3F18D}\_B8C4224A7AD79964FE0E8C.exe
[2010.11.02 22:41:58 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Vladimir\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
[2010.11.07 21:38:54 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Vladimir\AppData\Roaming\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
[2010.12.14 21:47:19 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Vladimir\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.01.30 11:16:58 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Vladimir\AppData\Roaming\Real\Update\setup3.14\setup.exe
[2012.02.18 22:35:05 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Vladimir\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.01\rnupgagent.exe
[2011.01.03 15:30:14 | 000,054,272 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\uTorrent\apps\VirusGuard\VirusGuard.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.03.04 21:42:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.03.04 21:42:00 | 000,000,956 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.03.04 21:53:06 | 000,000,922 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000Core.job
[2012.03.04 21:53:02 | 000,000,974 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Vladimir\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.04.24 21:06:51 | 000,136,176 | ---- | M] (Google Inc.)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED -- [2012.02.25 19:39:40 | 000,740,216 | ---- | M] (BitTorrent, Inc.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.05 10:09:52 | 001,305,408 | ---- | M] (DT Soft Ltd)
"Media Finder" = "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.03.04 20:03:32 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=5AC757AE411CBC603C33C85F81F8657D -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.07.12 18:52:20 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.03.04 21:42:38 | 000,000,512 | ---- | M] () MD5=E5BEDDE9473EB7CF93180A02DB7C16D6 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.11.09 08:49:48 | 040,868,256 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\Common\mp_cracked.ff
[2010.11.09 08:49:48 | 000,019,296 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\English\en_mp_cracked.ff
[2005.10.13 21:40:54 | 000,096,893 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Crack.exe
[2005.08.30 14:13:16 | 000,003,556 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Content\Reference\PHP\CrackF.html
[2011.02.06 19:19:09 | 000,287,032 | ---- | M] () -- \Users\Vladimir\AppData\Roaming\uTorrent\[PC Game-Multi3]Medal of Honor(2010)Crack Repack.torrent
[2008.11.02 14:45:08 | 000,630,118 | ---- | M] () -- \Users\Vladimir\Desktop\HTC\Spb_Mobile_DVD_v1.2.5.119-CRACK.zip
[2011.02.06 19:23:29 | 020,002,160 | ---- | M] () -- \Users\Vladimir\Downloads\[PC Game-Multi3]Medal of Honor(2010)Crack Repack\CRACK\MOH_CRACK.zip
[2010.01.01 12:01:10 | 000,459,907 | ---- | M] () -- \Users\Vladimir\Downloads\Nikon.Capture.NX.v2.2.4-BEAN\crack.rar
< *keygen* /s >
[2005.08.30 14:13:12 | 000,013,367 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Content\Reference\HTML\KEYGEN.html
[2012.01.17 22:53:17 | 000,014,434 | ---- | M] () -- \Users\Vladimir\AppData\Roaming\uTorrent\Zoner.Photo.Studio.Pro.v14.0.1.4.+keygen.torrent
[2007.05.26 22:57:06 | 000,093,184 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\keygen\keygen.exe
[2009.11.07 14:39:22 | 000,237,056 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Power CD DVD Recovery v2.1.1 Keygen AT4RE\keygen.exe
< *loader* /s >
[2005.03.24 12:51:08 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\en\_media\rssloader.swf
[2007.10.22 14:35:34 | 000,011,916 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS2\Plug-Ins\NoiseNinjaPlugin_Win32\doc\auto_loader.htm
[2011.12.22 19:19:40 | 000,044,032 | R--- | M] () -- \Program Files (x86)\Calibre2\DLLs\PyISAPI_loader.dll
[2005.03.16 18:16:50 | 000,113,664 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.10.10 18:02:42 | 000,132,096 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\Binaries\loader.dll
[2010.09.02 04:45:20 | 000,065,536 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\Binaries\PhysXLocal\PhysXLoader.dll
[2010.09.25 12:33:10 | 001,933,161 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp\loader-00.fbrb
[2010.09.25 12:33:11 | 005,968,346 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_01\loader-00.fbrb
[2010.09.25 12:33:12 | 005,755,952 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_02\loader-00.fbrb
[2010.09.25 12:33:19 | 055,099,465 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_03\loader-00.fbrb
[2010.09.25 12:33:19 | 002,954,487 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_04\loader-00.fbrb
[2010.09.25 12:33:25 | 047,101,846 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_05\loader-00.fbrb
[2010.09.25 12:33:32 | 050,561,194 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_06\loader-00.fbrb
[2010.09.25 12:33:39 | 055,282,402 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_07\loader-00.fbrb
[2010.09.25 12:33:46 | 049,203,256 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_08\loader-00.fbrb
[2010.09.25 12:33:52 | 047,279,340 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_09\loader-00.fbrb
[2010.09.25 12:33:59 | 049,418,362 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_10\loader-00.fbrb
[2010.09.25 12:28:14 | 017,474,214 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_01\loader-00.fbrb
[2010.09.25 12:28:19 | 016,173,085 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_02\loader-00.fbrb
[2010.09.25 12:28:28 | 017,335,818 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_04\loader-00.fbrb
[2010.09.25 12:28:31 | 008,013,580 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_domination\loader-00.fbrb
[2010.09.25 12:28:32 | 008,013,580 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_overrun\loader-00.fbrb
[2010.09.25 12:28:33 | 008,007,355 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_tdm\loader-00.fbrb
[2010.09.25 12:28:35 | 008,004,561 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_domination\loader-00.fbrb
[2010.09.25 12:28:36 | 008,004,561 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_overrun\loader-00.fbrb
[2010.09.25 12:28:37 | 007,984,585 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_tdm\loader-00.fbrb
[2010.09.25 12:28:38 | 008,008,365 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_domination\loader-00.fbrb
[2010.09.25 12:28:38 | 008,008,365 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_overrun\loader-00.fbrb
[2010.09.25 12:28:41 | 008,022,594 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_tdm\loader-00.fbrb
[2010.09.25 12:28:42 | 007,967,707 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_domination\loader-00.fbrb
[2010.09.25 12:28:45 | 007,967,707 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_overrun\loader-00.fbrb
[2010.09.25 12:28:46 | 007,988,318 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_tdm\loader-00.fbrb
[2010.09.25 12:28:46 | 008,033,103 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_domination\loader-00.fbrb
[2010.09.25 12:28:48 | 008,033,103 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_overrun\loader-00.fbrb
[2010.09.25 12:28:49 | 008,018,170 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_tdm\loader-00.fbrb
[2005.08.30 14:12:58 | 000,056,807 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Commands\FLVFileLoader.swf
[2005.08.30 14:13:18 | 000,000,681 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\dynswfloader.swf
[2005.08.30 14:13:18 | 000,008,203 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\testing_dynswfloader.swf
[2005.08.30 14:13:30 | 001,040,384 | ---- | M] () -- \Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\JSExtensions\swfloader.dll
[2006.08.16 04:25:58 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue.dds
[2006.08.16 04:25:58 | 000,262,272 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_bump.dds
[2006.08.16 04:26:00 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_lm.dds
[2006.08.16 04:26:00 | 000,349,648 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_specular.dds
[2006.08.16 04:26:04 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderGrey.dds
[2006.08.16 04:26:04 | 000,174,888 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderGrey_lm.dds
[2006.09.04 21:21:28 | 000,301,367 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\GroundVehicles\VEH_Air_BagLoaderBlue\model\VEH_Air_BagLoaderBlue.mdl
[2006.09.04 21:21:30 | 000,301,815 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\GroundVehicles\VEH_Air_BagLoaderGrey\model\VEH_Air_BagLoaderGrey.mdl
[2010.01.29 05:43:52 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2010.01.29 05:54:10 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2010.03.15 10:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011.12.06 13:06:24 | 000,429,568 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2011.12.06 13:06:40 | 000,444,416 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 17:09:04 | 000,194,048 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2011.12.19 16:12:24 | 000,102,792 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2011.12.19 16:12:36 | 000,016,776 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\WICLoader.exe
[2011.12.19 16:13:26 | 000,019,336 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program64\WICLoader.exe
[2010.05.30 13:25:49 | 000,001,399 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2010.05.30 13:25:49 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2010.05.30 13:25:49 | 000,001,399 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2010.05.30 13:25:49 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2005.08.30 14:13:18 | 000,000,681 | ---- | M] () -- \Users\Vladimir\AppData\Roaming\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\dynswfloader.swf
[2005.08.30 14:13:18 | 000,008,203 | ---- | M] () -- \Users\Vladimir\AppData\Roaming\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\testing_dynswfloader.swf
[2003.08.27 16:32:14 | 000,002,459 | ---- | M] () -- \Users\Vladimir\AppData\Roaming\Macromedia\Dreamweaver 8\Configuration\Temp\FlashElements\ImageViewer\mx.controls.Loader.asi
[2009.06.01 20:46:56 | 000,000,506 | -HS- | M] () -- \Users\Vladimir\Documents\downloads_sw\USDownloader.exe.manifest
[2009.03.27 17:20:48 | 000,015,737 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ara.lng
[2009.06.01 20:48:29 | 000,017,759 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.bul.lng
[2007.06.14 13:02:10 | 000,018,268 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.cat.lng
[2008.09.10 21:55:24 | 000,013,529 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.chs.lng
[2009.06.15 19:32:22 | 000,016,996 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.cze.lng
[2008.08.07 16:54:58 | 000,017,527 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.de.lng
[2008.06.27 14:06:52 | 000,017,786 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.du.lng
[2007.06.14 13:03:14 | 000,017,427 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ell.lng
[2008.06.24 22:56:06 | 000,016,557 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.eng.lng
[2009.02.02 13:30:30 | 000,016,371 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.est.lng
[2008.04.20 00:05:08 | 000,019,089 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.fre.lng
[2008.10.23 10:12:58 | 000,017,548 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.gal.lng
[2008.11.22 15:49:18 | 000,019,443 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.hu.lng
[2007.06.19 12:48:14 | 000,017,335 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.it.lng
[2008.07.02 12:35:08 | 000,016,525 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.lit.lng
[2009.06.01 20:48:30 | 000,018,195 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.lv.lng
[2007.12.16 03:50:52 | 000,016,839 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.nor.lng
[2008.03.13 14:46:26 | 000,016,695 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.pl.lng
[2007.06.18 21:11:58 | 000,017,909 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ptbr.lng
[2008.11.19 16:13:38 | 000,017,758 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ro.lng
[2007.07.26 11:58:28 | 000,013,780 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.rus.lng
[2008.06.27 22:56:08 | 000,016,918 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ser.lng
[2007.11.20 10:44:34 | 000,016,760 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.sk.lng
[2008.12.22 11:21:12 | 000,018,346 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.spa.lng
[2009.06.01 20:48:31 | 000,016,308 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.swe.lng
[2009.06.01 20:48:31 | 000,017,057 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.thai.lng
[2008.07.04 09:59:50 | 000,017,726 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.tr.lng
[2008.05.06 00:41:22 | 000,013,624 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.tw.lng
[2007.06.14 13:05:38 | 000,017,043 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Langs\USDownloader.ukr.lng
[2009.03.20 17:41:36 | 000,034,304 | ---- | M] () -- \Users\Vladimir\Documents\downloads_sw\Plugins\SexUploader.plg
[2010.04.19 14:28:04 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.06.20 21:48:43 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.06.20 21:48:43 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.06.20 21:48:44 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.06.20 21:48:44 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.06.20 21:48:45 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
Extras:
OTL Extras logfile created on: 4.3.2012 21:40:59 - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\Vladimir\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,25% Memory free
8,00 Gb Paging File | 6,26 Gb Available in Paging File | 78,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 68,81 Gb Free Space | 29,55% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 200,08 Gb Free Space | 21,48% Space Free | Partition Type: NTFS
Drive E: | 2,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 14,90 Gb Total Space | 14,90 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive J: | 7,39 Gb Total Space | 6,96 Gb Free Space | 94,15% Space Free | Partition Type: FAT32
Computer Name: VLADIMIROVO-PC | User Name: Vladimir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{11953C65-BB4E-4CA4-B0F0-2600A4B20040}" = Picture Control Utility x64
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP980_series" = Canon MP980 series MP Drivers
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{38FA7C5F-914D-4725-ACF2-2FD940AD0BF9}" = Adobe Photoshop Lightroom 2.1 64-bit
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}" = Garmin Lifetime Updater
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{36132C2B-4043-46F6-982A-E1D2A8B3F18D}" = Watermark
"{3C19E918-13AF-4C57-B50D-8C3738EFCABF}" = TOPO Czech 2010
"{41357C72-23AD-440C-9538-3350AF076253}" = calibre
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F50C25D-9236-42EE-86A4-F0BC39A543AE}" = TOPO Czech 3 PRO
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{66D6418E-466C-4567-B4E8-2CB29F5566DE}" = Adresy CR v1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A4D77A09-10EA-4574-8C09-9B6E1A21C95F}" = Virus Guard - powered by BitDefender
"{A89768CF-CD21-44FD-A723-16D5A8557415}" = NEF Codec
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{D02220CE-1475-4F0F-9F12-251161999D53}" = Garmin MapSource
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{DB53DDFA-C370-4B07-B631-217CDBA74FDE}" = XHD B09.0714.01
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"43442AE9-6512-4392-B5DD-9167BECD1114_is1" = Infix 4.18
"AcePlanner" = AcePlanner 1.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"ArmA 2" = ArmA 2 Uninstall
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"BattlEye" = BattlEye Uninstall
"BSPlayerf" = BS.Player FREE
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"McAfee Security Scan" = McAfee Security Scan Plus
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox 10.0.2 (x86 cs)" = Mozilla Firefox 10.0.2 (x86 cs)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Neat Image_is1" = Neat Image v6.0 Pro+
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"RealPlayer 12.0" = RealPlayer
"Registrace uživatele zařízení Canon MP980 series" = Registrace uživatele zařízení Canon MP980 series
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.2.2012 12:52:17 | Computer Name = Vladimirovo-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Capture NX 2.exe, verze: 2.3.0.0, časové
razítko: 0x4ec99649 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.17651,
časové razítko: 0x4e211319 Kód výjimky: 0xe0434352 Posun chyby: 0x0000b9bc ID chybujícího
procesu: 0x12ac Čas spuštění chybující aplikace: 0x01ccf4a6ff8b7339 Cesta k chybující
aplikaci: C:\Users\Vladimir\Downloads\Nikon.Capture.NX.v2.3.0-BEAN\crack\Capture
NX 2.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy:
3d686d47-609a-11e1-9a38-6cf049029681
Error - 26.2.2012 12:56:45 | Computer Name = Vladimirovo-PC | Source = NtServicePack | ID = 921877
Description =
Error - 26.2.2012 12:56:50 | Computer Name = Vladimirovo-PC | Source = Windows Installer 3.1 | ID = 921877
Description =
Error - 27.2.2012 17:29:24 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.
Error - 27.2.2012 17:30:05 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 27.2.2012 18:05:14 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.
Error - 27.2.2012 18:05:16 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 3.3.2012 21:09:44 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.
Error - 3.3.2012 21:10:17 | Computer Name = Vladimirovo-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 4.3.2012 16:13:52 | Computer Name = Vladimirovo-PC | Source = Application Hang | ID = 1002
Description = Program RSITx64.exe verze 3.3.6.1 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
e70 Čas spuštění: 01ccfa426ca5f732 Čas ukončení: 3 Cesta k aplikaci: C:\Users\Vladimir\Downloads\RSITx64.exe
ID
hlášení:
[ Media Center Events ]
Error - 21.5.2010 18:08:22 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 0:08:21 - Chyba při připojování k Internetu 0:08:21 - Nelze kontaktovat
server..
Error - 30.5.2010 16:15:48 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 22:15:48 - Chyba při připojování k Internetu 22:15:48 - Nelze kontaktovat
server..
Error - 30.5.2010 16:17:19 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 22:17:13 - Chyba při připojování k Internetu 22:17:13 - Nelze kontaktovat
server..
Error - 30.5.2010 17:18:19 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 23:18:19 - Načtení položky Directory se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při příjmu.)
Error - 7.6.2010 15:22:34 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 21:22:33 - Chyba při připojování k Internetu 21:22:34 - Nelze kontaktovat
server..
Error - 7.6.2010 15:23:53 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 21:23:45 - Chyba při připojování k Internetu 21:23:45 - Nelze kontaktovat
server..
Error - 20.10.2010 12:32:05 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 18:32:05 - Chyba při připojování k Internetu 18:32:05 - Nelze kontaktovat
server..
Error - 20.10.2010 12:33:21 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 18:33:17 - Chyba při připojování k Internetu 18:33:17 - Nelze kontaktovat
server..
Error - 1.11.2010 14:55:24 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 19:55:23 - Chyba při připojování k Internetu 19:55:24 - Nelze kontaktovat
server..
Error - 1.11.2010 14:55:52 | Computer Name = Vladimirovo-PC | Source = MCUpdate | ID = 0
Description = 19:55:45 - Chyba při připojování k Internetu 19:55:45 - Nelze kontaktovat
server..
[ System Events ]
Error - 27.2.2012 16:11:53 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7000
Description = Služba Printer Control neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 27.2.2012 18:50:24 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7016
Description = Služba NVIDIA Stereoscopic 3D Driver Service ohlásila neplatný současný
stav 0.
Error - 28.2.2012 16:54:59 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7000
Description = Služba Printer Control neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 28.2.2012 18:35:56 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7016
Description = Služba NVIDIA Stereoscopic 3D Driver Service ohlásila neplatný současný
stav 0.
Error - 2.3.2012 15:03:41 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7000
Description = Služba Printer Control neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 2.3.2012 17:30:52 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7016
Description = Služba NVIDIA Stereoscopic 3D Driver Service ohlásila neplatný současný
stav 0.
Error - 3.3.2012 18:15:05 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7000
Description = Služba Printer Control neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 4.3.2012 7:35:08 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7016
Description = Služba NVIDIA Stereoscopic 3D Driver Service ohlásila neplatný současný
stav 0.
Error - 4.3.2012 15:01:30 | Computer Name = Vladimirovo-PC | Source = Service Control Manager | ID = 7000
Description = Služba Printer Control neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 4.3.2012 16:31:50 | Computer Name = Vladimirovo-PC | Source = DCOM | ID = 10010
Description =
< End of report >
Re: Babylon search
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029 IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... 4f6a042bd6 IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7B C2 F4 AC F5 37 CB 01 [binary data] IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=110482&mntrId=ececae55000000000000004f6a042bd6 IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{59762C52-BB74-41F4-95AF-429DD951DC03}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms} IE - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029 FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12" FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3 FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=" FF - prefs.js..network.proxy.backup.ftp: "10.138.1.3" FF - prefs.js..network.proxy.backup.ftp_port: 80 FF - prefs.js..network.proxy.backup.gopher: "10.138.1.3" FF - prefs.js..network.proxy.backup.gopher_port: 80 FF - prefs.js..network.proxy.backup.socks: "10.138.1.3" FF - prefs.js..network.proxy.backup.socks_port: 80 FF - prefs.js..network.proxy.backup.ssl: "10.138.1.3" FF - prefs.js..network.proxy.backup.ssl_port: 80 FF - prefs.js..network.proxy.ftp_port: 80 FF - prefs.js..network.proxy.gopher_port: 80 FF - prefs.js..network.proxy.http_port: 80 FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks_port: 80 FF - prefs.js..network.proxy.ssl_port: 80 FF - prefs.js..network.proxy.type: 1 FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found [2011.05.25 15:15:26 | 000,000,923 | ---- | M] () -- C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default\searchplugins\conduit.xml O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites) O15 - HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\..Trusted Domains: mojebanka.cz ([]https in Trusted sites) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O33 - MountPoints2\{3a321fdb-3cd9-11e0-9d68-6cf049029681}\Shell - "" = AutoRun [6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ] [1 C:\Windows\SoftwareDistribution\Download\6b986fcefc4ddf45d2c157ae08ee07e4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6b986fcefc4ddf45d2c157ae08ee07e4\*.tmp -> ] [1 C:\Windows\SoftwareDistribution\Download\e2ae778f2037152039ec560f0abd6f3e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e2ae778f2037152039ec560f0abd6f3e\*.tmp -> ] [3 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ] [3 C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ] [2012.02.26 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\Vladimir\AppData\Roaming\Babylon [2012.03.04 21:42:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012.03.04 21:42:00 | 000,000,956 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2012.03.04 21:53:06 | 000,000,922 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000Core.job [2012.03.04 21:53:02 | 000,000,974 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000UA.job :services gupdate gupdatem Application Updater :reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=- "uTorrent"=- "DAEMON Tools Lite"=- "Media Finder"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"=- "TkBellExe"=- "Nikon Message Center 2"=- "SunJavaUpdateSched"=- "Adobe Reader Speed Launcher"=- "Adobe ARM"=- ""=- "SearchSettings"=- :files C:\Program Files (x86)\Common Files\Spigot C:\Program Files (x86)\Application Updater C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk c:\Program Files (x86)\Macromedia\Dreamweaver 8\Crack.exe c:\Users\Vladimir\AppData\Roaming\uTorrent\[PC Game-Multi3]Medal of Honor(2010)Crack Repack.torrent c:\Users\Vladimir\Desktop\HTC\Spb_Mobile_DVD_v1.2.5.119-CRACK.zip c:\Users\Vladimir\Downloads\[PC Game-Multi3]Medal of Honor(2010)Crack Repack\CRACK\MOH_CRACK.zip c:\Users\Vladimir\Downloads\Nikon.Capture.NX.v2.2.4-BEAN\crack.rar c:\Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Content\Reference\HTML\KEYGEN.html c:\Users\Vladimir\AppData\Roaming\uTorrent\Zoner.Photo.Studio.Pro.v14.0.1.4.+keygen.torrent c:\Users\Vladimir\Documents\downloads_sw\keygen\keygen.exe c:\Users\Vladimir\Documents\downloads_sw\Power CD DVD Recovery v2.1.1 Keygen AT4RE\keygen.exe %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Babylon search
Dobry vecer,
prikladam OTL log:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found.
HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{59762C52-BB74-41F4-95AF-429DD951DC03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59762C52-BB74-41F4-95AF-429DD951DC03}\ not found.
Registry key HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Prefs.js: "MyAshampoo Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=302398&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: wtxpcom@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Prefs.js: "http://search.yahoo.com/search?fr=green ... =302398&p=" removed from keyword.URL
Prefs.js: "10.138.1.3" removed from network.proxy.backup.ftp
Prefs.js: 80 removed from network.proxy.backup.ftp_port
Prefs.js: "10.138.1.3" removed from network.proxy.backup.gopher
Prefs.js: 80 removed from network.proxy.backup.gopher_port
Prefs.js: "10.138.1.3" removed from network.proxy.backup.socks
Prefs.js: 80 removed from network.proxy.backup.socks_port
Prefs.js: "10.138.1.3" removed from network.proxy.backup.ssl
Prefs.js: 80 removed from network.proxy.backup.ssl_port
Prefs.js: 80 removed from network.proxy.ftp_port
Prefs.js: 80 removed from network.proxy.gopher_port
Prefs.js: 80 removed from network.proxy.http_port
Prefs.js: "localhost,127.0.0.1" removed from network.proxy.no_proxies_on
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: 80 removed from network.proxy.socks_port
Prefs.js: 80 removed from network.proxy.ssl_port
Prefs.js: 1 removed from network.proxy.type
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default\searchplugins\conduit.xml moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a321fdb-3cd9-11e0-9d68-6cf049029681}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3a321fdb-3cd9-11e0-9d68-6cf049029681}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E0D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP67D6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9DF3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA342.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDE6F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP424F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7EE1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8892.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBA2A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD741.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\6b986fcefc4ddf45d2c157ae08ee07e4\BITDABA.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\e2ae778f2037152039ec560f0abd6f3e\BITDABB.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2126.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt3044.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt379.tmp deleted successfully.
C:\Users\Vladimir\AppData\Roaming\Babylon folder moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000UA.job moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Error: No service named Application Updater was found to stop!
Service\Driver key Application Updater not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Media Finder deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Nikon Message Center 2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SearchSettings not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\Common Files\Spigot not found.
File\Folder C:\Program Files (x86)\Application Updater not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
c:\Program Files (x86)\Macromedia\Dreamweaver 8\Crack.exe moved successfully.
c:\Users\Vladimir\AppData\Roaming\uTorrent\[PC Game-Multi3]Medal of Honor(2010)Crack Repack.torrent moved successfully.
c:\Users\Vladimir\Desktop\HTC\Spb_Mobile_DVD_v1.2.5.119-CRACK.zip moved successfully.
c:\Users\Vladimir\Downloads\[PC Game-Multi3]Medal of Honor(2010)Crack Repack\CRACK\MOH_CRACK.zip moved successfully.
c:\Users\Vladimir\Downloads\Nikon.Capture.NX.v2.2.4-BEAN\crack.rar moved successfully.
c:\Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Content\Reference\HTML\KEYGEN.html moved successfully.
c:\Users\Vladimir\AppData\Roaming\uTorrent\Zoner.Photo.Studio.Pro.v14.0.1.4.+keygen.torrent moved successfully.
c:\Users\Vladimir\Documents\downloads_sw\keygen\keygen.exe moved successfully.
c:\Users\Vladimir\Documents\downloads_sw\Power CD DVD Recovery v2.1.1 Keygen AT4RE\keygen.exe moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
User: Vladimir
->Temp folder emptied: 11821892 bytes
->Temporary Internet Files folder emptied: 37294 bytes
->Java cache emptied: 9056618 bytes
->FireFox cache emptied: 174966407 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 43380 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22564 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85181 bytes
RecycleBin emptied: 179454 bytes
Total Files Cleaned = 187,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
->Flash cache emptied: 0 bytes
User: Vladimir
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.35.1 log created on 03052012_200454
Files\Folders moved on Reboot...
C:\Users\Vladimir\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
prikladam OTL log:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found.
HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{59762C52-BB74-41F4-95AF-429DD951DC03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59762C52-BB74-41F4-95AF-429DD951DC03}\ not found.
Registry key HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Prefs.js: "MyAshampoo Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=302398&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: wtxpcom@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Prefs.js: "http://search.yahoo.com/search?fr=green ... =302398&p=" removed from keyword.URL
Prefs.js: "10.138.1.3" removed from network.proxy.backup.ftp
Prefs.js: 80 removed from network.proxy.backup.ftp_port
Prefs.js: "10.138.1.3" removed from network.proxy.backup.gopher
Prefs.js: 80 removed from network.proxy.backup.gopher_port
Prefs.js: "10.138.1.3" removed from network.proxy.backup.socks
Prefs.js: 80 removed from network.proxy.backup.socks_port
Prefs.js: "10.138.1.3" removed from network.proxy.backup.ssl
Prefs.js: 80 removed from network.proxy.backup.ssl_port
Prefs.js: 80 removed from network.proxy.ftp_port
Prefs.js: 80 removed from network.proxy.gopher_port
Prefs.js: 80 removed from network.proxy.http_port
Prefs.js: "localhost,127.0.0.1" removed from network.proxy.no_proxies_on
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: 80 removed from network.proxy.socks_port
Prefs.js: 80 removed from network.proxy.ssl_port
Prefs.js: 1 removed from network.proxy.type
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ztrxe5zo.default\searchplugins\conduit.xml moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2196302773-2579179296-1320928725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a321fdb-3cd9-11e0-9d68-6cf049029681}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3a321fdb-3cd9-11e0-9d68-6cf049029681}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E0D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP67D6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9DF3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA342.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDE6F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP424F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7EE1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8892.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBA2A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD741.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\6b986fcefc4ddf45d2c157ae08ee07e4\BITDABA.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\e2ae778f2037152039ec560f0abd6f3e\BITDABB.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2126.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt3044.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt379.tmp deleted successfully.
C:\Users\Vladimir\AppData\Roaming\Babylon folder moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2196302773-2579179296-1320928725-1000UA.job moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Error: No service named Application Updater was found to stop!
Service\Driver key Application Updater not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Media Finder deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Nikon Message Center 2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SearchSettings not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\Common Files\Spigot not found.
File\Folder C:\Program Files (x86)\Application Updater not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
c:\Program Files (x86)\Macromedia\Dreamweaver 8\Crack.exe moved successfully.
c:\Users\Vladimir\AppData\Roaming\uTorrent\[PC Game-Multi3]Medal of Honor(2010)Crack Repack.torrent moved successfully.
c:\Users\Vladimir\Desktop\HTC\Spb_Mobile_DVD_v1.2.5.119-CRACK.zip moved successfully.
c:\Users\Vladimir\Downloads\[PC Game-Multi3]Medal of Honor(2010)Crack Repack\CRACK\MOH_CRACK.zip moved successfully.
c:\Users\Vladimir\Downloads\Nikon.Capture.NX.v2.2.4-BEAN\crack.rar moved successfully.
c:\Program Files (x86)\Macromedia\Dreamweaver 8\Configuration\Content\Reference\HTML\KEYGEN.html moved successfully.
c:\Users\Vladimir\AppData\Roaming\uTorrent\Zoner.Photo.Studio.Pro.v14.0.1.4.+keygen.torrent moved successfully.
c:\Users\Vladimir\Documents\downloads_sw\keygen\keygen.exe moved successfully.
c:\Users\Vladimir\Documents\downloads_sw\Power CD DVD Recovery v2.1.1 Keygen AT4RE\keygen.exe moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
User: Vladimir
->Temp folder emptied: 11821892 bytes
->Temporary Internet Files folder emptied: 37294 bytes
->Java cache emptied: 9056618 bytes
->FireFox cache emptied: 174966407 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 43380 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22564 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85181 bytes
RecycleBin emptied: 179454 bytes
Total Files Cleaned = 187,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
->Flash cache emptied: 0 bytes
User: Vladimir
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.35.1 log created on 03052012_200454
Files\Folders moved on Reboot...
C:\Users\Vladimir\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
Re: Babylon search
Jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Babylon search
Dobry vecer, zatim to vypada dobre
Diky moc, kdyztak se s dovolenim zase ozvu.
Pekny vecer !
Diky moc, kdyztak se s dovolenim zase ozvu.
Pekny vecer !
Re: Babylon search
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A je to 
Nemate zac, rado se stalo
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?