
Please check my log! I would be very grateful!

Narm
Visitor
Posts: 8
Registered: 16 Sep 2007 13:40


#1 Post by Narm »

Hello,

Please check my log. This morning everything worked, and now videos on YouTube won't play; the whole picture is green. I tried the graphics drivers, Flash, etc., and nothing helped. It looks like a virus...

Logfile of random's system information tool 1.09 (written by random/random)
Run by John at 2013-11-16 23:31:28
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 18 GB (37%) free of 50 GB
Total RAM: 3007 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:31:33, on 16.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\GXStandard16-in-1\GXStandard16in1.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Previews-Common\MMACEPrev.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\John\Desktop\RSIT.exe
C:\Program Files\trend micro\John.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [FreePDF Assistant] "C:\Program Files\FreePDF_XP\fpassist.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /schedule 300000
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\GXStandard16-in-1\GXStandard16in1.exe" Minimum
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\John\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7760 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2zm55zb5.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-01-17 2548552]
"FreePDF Assistant"=C:\Program Files\FreePDF_XP\fpassist.exe [2011-02-23 371200]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-09 636032]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-10-07 4908592]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"CreativeTaskScheduler"=C:\Program Files\Creative\Shared Files\CTSched.exe [2006-11-17 53341]
"Exetender_298"=C:\Program Files\Frag Games\GPlayer.exe /schedule 300000 []
"OscarEditor"=C:\Program Files\GXStandard16-in-1\GXStandard16in1.exe [2011-09-02 3343360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-10-02 20472992]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-16 23:31:28 ----D---- C:\rsit
2013-11-16 23:15:47 ----D---- C:\Program Files\Combined Community Codec Pack
2013-11-16 23:13:44 ----A---- C:\Windows\system32\jscript.dll
2013-11-16 23:13:43 ----A---- C:\Windows\system32\jscript9.dll
2013-11-16 23:13:42 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-16 23:13:42 ----A---- C:\Windows\system32\iesetup.dll
2013-11-16 23:13:41 ----A---- C:\Windows\system32\ieui.dll
2013-11-16 23:13:40 ----A---- C:\Windows\system32\urlmon.dll
2013-11-16 23:13:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-16 23:13:40 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-16 23:13:40 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-16 23:13:40 ----A---- C:\Windows\system32\iernonce.dll
2013-11-16 23:13:40 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-16 23:13:39 ----A---- C:\Windows\system32\iertutil.dll
2013-11-16 23:13:37 ----A---- C:\Windows\system32\wininet.dll
2013-11-16 23:13:34 ----A---- C:\Windows\system32\ieframe.dll
2013-11-16 23:13:32 ----A---- C:\Windows\system32\mshtml.dll
2013-11-16 23:10:38 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-16 23:10:38 ----A---- C:\Windows\system32\credui.dll
2013-11-16 23:10:38 ----A---- C:\Windows\system32\authui.dll
2013-11-16 23:10:35 ----A---- C:\Windows\system32\gdi32.dll
2013-11-16 23:10:33 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-16 23:10:33 ----A---- C:\Windows\system32\sspicli.dll
2013-11-16 23:10:33 ----A---- C:\Windows\system32\schannel.dll
2013-11-16 23:10:33 ----A---- C:\Windows\system32\secur32.dll
2013-11-16 23:10:33 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-16 23:10:33 ----A---- C:\Windows\system32\lsass.exe
2013-11-16 23:10:33 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-16 23:10:33 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-16 23:10:33 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-16 23:10:33 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-16 23:10:15 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-16 23:10:15 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-16 23:10:15 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-16 23:10:13 ----A---- C:\Windows\system32\crypt32.dll
2013-11-16 12:20:17 ----D---- C:\Program Files\Mozilla Firefox
2013-11-02 00:45:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-02 00:45:01 ----A---- C:\Windows\system32\msrating.dll
2013-11-02 00:45:01 ----A---- C:\Windows\system32\msls31.dll
2013-11-02 00:45:01 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-02 00:45:01 ----A---- C:\Windows\system32\inseng.dll
2013-11-02 00:45:01 ----A---- C:\Windows\system32\elshyph.dll
2013-11-02 00:45:00 ----A---- C:\Windows\system32\wextract.exe
2013-11-02 00:45:00 ----A---- C:\Windows\system32\vbscript.dll
2013-11-02 00:45:00 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-02 00:45:00 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-02 00:45:00 ----A---- C:\Windows\system32\occache.dll
2013-11-02 00:45:00 ----A---- C:\Windows\system32\mshta.exe
2013-11-02 00:45:00 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-02 00:45:00 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-02 00:45:00 ----A---- C:\Windows\system32\imgutil.dll
2013-11-02 00:45:00 ----A---- C:\Windows\system32\iexpress.exe
2013-11-02 00:45:00 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-02 00:45:00 ----A---- C:\Windows\system32\iepeers.dll
2013-11-02 00:45:00 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-02 00:44:59 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-02 00:44:59 ----A---- C:\Windows\system32\ieapfltr.dll
2013-11-02 00:44:59 ----A---- C:\Windows\system32\ieapfltr.dat
2013-11-02 00:44:59 ----A---- C:\Windows\system32\icardie.dll
2013-11-02 00:44:59 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-02 00:44:59 ----A---- C:\Windows\system32\dxtmsft.dll
2013-11-02 00:44:58 ----A---- C:\Windows\system32\webcheck.dll
2013-11-02 00:44:58 ----A---- C:\Windows\system32\url.dll
2013-11-02 00:44:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-11-02 00:44:58 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-02 00:44:58 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-02 00:42:33 ----A---- C:\Windows\system32\comctl32.dll
2013-11-02 00:42:30 ----A---- C:\Windows\system32\shell32.dll
2013-11-02 00:42:30 ----A---- C:\Windows\system32\shdocvw.dll
2013-11-02 00:42:27 ----A---- C:\Windows\system32\scavengeui.dll
2013-11-02 00:42:23 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-11-02 00:42:23 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-11-02 00:42:18 ----A---- C:\Windows\system32\mswsock.dll
2013-11-02 00:42:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-11-02 00:42:18 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-02 00:42:16 ----A---- C:\Windows\system32\tdh.dll
2013-11-02 00:42:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-11-02 00:42:16 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-11-02 00:42:16 ----A---- C:\Windows\system32\ntdll.dll
2013-11-02 00:42:15 ----A---- C:\Windows\system32\advapi32.dll
2013-11-02 00:42:12 ----A---- C:\Windows\system32\WebClnt.dll
2013-11-02 00:42:12 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-11-02 00:42:12 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-11-02 00:42:12 ----A---- C:\Windows\system32\davclnt.dll
2013-11-02 00:42:11 ----A---- C:\Windows\system32\win32k.sys
2013-11-02 00:42:11 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-02 00:42:10 ----A---- C:\Windows\system32\lpk.dll
2013-11-02 00:42:10 ----A---- C:\Windows\system32\fontsub.dll
2013-11-02 00:42:10 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-11-02 00:42:10 ----A---- C:\Windows\system32\dciman32.dll
2013-11-02 00:42:10 ----A---- C:\Windows\system32\atmlib.dll
2013-11-02 00:42:10 ----A---- C:\Windows\system32\atmfd.dll
2013-11-02 00:40:19 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-11-02 00:39:51 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-11-02 00:39:50 ----A---- C:\Windows\system32\KernelBase.dll
2013-11-02 00:39:50 ----A---- C:\Windows\system32\kernel32.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-11-02 00:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-11-02 00:39:49 ----A---- C:\Windows\system32\winsrv.dll
2013-11-02 00:39:49 ----A---- C:\Windows\system32\conhost.exe
2013-10-28 13:33:03 ----D---- C:\Users\John\AppData\Roaming\ShinyTales
2013-10-27 13:40:14 ----D---- C:\ProgramData\McAfee
2013-10-25 12:31:47 ----D---- C:\ProgramData\Mozilla
2013-10-25 12:31:47 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-10-17 20:43:09 ----D---- C:\ProgramData\Oracle
2013-10-17 20:43:07 ----D---- C:\Program Files\Common Files\Java
2013-10-17 20:43:01 ----A---- C:\Windows\system32\javaws.exe
2013-10-17 20:42:54 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-10-17 20:42:54 ----A---- C:\Windows\system32\javaw.exe
2013-10-17 20:42:53 ----A---- C:\Windows\system32\java.exe

======List of files/folders modified in the last 1 month======

2013-11-16 23:31:30 ----D---- C:\Program Files\trend micro
2013-11-16 23:25:25 ----D---- C:\Windows\System32
2013-11-16 23:25:25 ----D---- C:\Windows\inf
2013-11-16 23:25:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-16 23:23:27 ----D---- C:\Users\John\AppData\Roaming\Skype
2013-11-16 23:19:42 ----D---- C:\Windows\winsxs
2013-11-16 23:19:19 ----D---- C:\Windows\system32\config
2013-11-16 23:18:29 ----D---- C:\Windows\Temp
2013-11-16 23:17:06 ----D---- C:\Windows\system32\en-US
2013-11-16 23:17:06 ----D---- C:\Windows\system32\drivers
2013-11-16 23:17:06 ----D---- C:\Windows\system32\cs-CZ
2013-11-16 23:17:05 ----D---- C:\Program Files\Internet Explorer
2013-11-16 23:15:47 ----RD---- C:\Program Files
2013-11-16 23:15:27 ----D---- C:\Windows\Prefetch
2013-11-16 23:15:22 ----D---- C:\Windows\system32\catroot
2013-11-16 23:14:07 ----D---- C:\Windows\system32\catroot2
2013-11-16 23:13:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-11-16 23:11:31 ----D---- C:\Windows\system32\MRT
2013-11-16 23:11:26 ----A---- C:\Windows\system32\MRT.exe
2013-11-16 23:11:13 ----SHD---- C:\System Volume Information
2013-11-16 17:45:11 ----D---- C:\ProgramData\MFAData
2013-11-05 20:34:40 ----SHD---- C:\Windows\Installer
2013-11-04 12:39:53 ----SD---- C:\Users\John\AppData\Roaming\Microsoft
2013-11-02 16:21:58 ----D---- C:\Windows\rescache
2013-11-02 01:19:35 ----D---- C:\Windows\Microsoft.NET
2013-11-02 01:19:27 ----RSD---- C:\Windows\assembly
2013-11-02 01:05:57 ----D---- C:\Windows\system32\migration
2013-11-02 01:05:57 ----D---- C:\Windows\PolicyDefinitions
2013-11-02 01:05:53 ----D---- C:\Windows\system32\DriverStore
2013-11-02 00:48:36 ----D---- C:\Windows\Logs
2013-11-02 00:43:30 ----D---- C:\Windows
2013-10-27 13:48:17 ----HD---- C:\ProgramData
2013-10-27 13:40:12 ----D---- C:\Windows\Tasks
2013-10-27 13:40:12 ----D---- C:\Windows\system32\Tasks
2013-10-25 12:31:53 ----D---- C:\Users\John\AppData\Roaming\Mozilla
2013-10-25 12:29:14 ----D---- C:\Windows\system32\NDF
2013-10-19 19:25:11 ----D---- C:\ProgramData\Skype
2013-10-19 19:25:02 ----RD---- C:\Program Files\Skype
2013-10-17 20:43:07 ----D---- C:\Program Files\Common Files
2013-10-17 20:42:53 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-09-02 145720]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-09-02 223032]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 RRamdisk;Ramdisk Driver; C:\Windows\system32\DRIVERS\rramdisk.sys [2008-01-25 12288]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-09-25 120632]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-09-02 176952]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-01-06 236600]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-01-06 35768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-10 218688]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-01-06 80064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-24 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-24 290304]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-10-16 1168896]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 rt61x86;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr61.sys [2010-04-07 376160]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-24 10070016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTKRNL;Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\btkrnl.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\Windows\System32\Drivers\btwusb.sys []
S3 cpuz130;cpuz130; \??\C:\Users\John\AppData\Local\Temp\cpuz130\cpuz_x32.sys []
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G60I32.sys [2009-07-13 118784]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-24 217088]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-01-17 1803224]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-12-22 76888]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-16 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-03-11 79360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log! I will be very grateful!

#2 Post by Márty84 »

Hello :)


:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator.
Tick the items (check the boxes) For all users, "LOP" malware check and "Purity" malware check.
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Scan.
After the scan, two logs are created (OTL.Txt and Extras.txt); post both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Narm
Visitor
Posts: 8
Registered: 16 Sep 2007 13:40

Re: Please check my log! I will be very grateful!

#3 Post by Narm »

Hello

I did everything, but at the end of the scan it threw this message...
Attachments
asff.jpg (62.72 KiB) Viewed 928 times

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log! I will be very grateful!

#4 Post by Márty84 »

It sometimes happens that OTL throws this error :roll:

Run it once more following the same instructions, but with this modified script:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Narm
Visitor
Posts: 8
Registered: 16 Sep 2007 13:40

Re: Please check my log! I will be very grateful!

#5 Post by Narm »

OTL Extras logfile created on: 17.11.2013 19:40:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\John\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

2,94 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 61,81% Memory free
5,87 Gb Paging File | 4,40 Gb Available in Paging File | 74,92% Paging File free
Paging file location(s): r:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 17,65 Gb Free Space | 36,21% Space Free | Partition Type: NTFS
Drive D: | 249,26 Gb Total Space | 72,70 Gb Free Space | 29,16% Space Free | Partition Type: NTFS

Computer Name: JOHN-PC | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0100C42A-789A-482B-905F-B0F914D101F7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0DC4CD2F-CFB9-44F8-A4E6-C4A4BDDB0A95}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{18F3CFBB-5008-46AA-A87F-971324DF74C2}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1AECBCBA-2B1D-4D85-91A3-28BD042F7562}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{266BC290-3C69-4BD7-9607-5EC60CBBF6E3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2B669519-5DBD-4A3A-977E-475E02A2486A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{389C17A1-1CCE-4833-9E4C-D7420C67987B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{431A84E5-2B6E-4FD8-B277-171A6BD871DE}" = lport=139 | protocol=6 | dir=in | app=system |
"{4873D5FB-DE6B-46D5-BA89-9CD1E34A17FC}" = rport=445 | protocol=6 | dir=out | app=system |
"{50A6611E-52A4-4117-A479-17267F07178E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{513969A8-F7F0-439F-B589-CE1198B12E29}" = lport=138 | protocol=17 | dir=in | app=system |
"{5E93E6E5-E681-43FE-82D0-B1CDF12E237B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5F9F5043-912E-481F-89DE-64133E09446D}" = rport=138 | protocol=17 | dir=out | app=system |
"{67761E69-DDA3-4DB4-A1EE-8CE34F3652B2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{68098895-13B0-4C29-B2FA-6F2F417E2DF9}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6D67EDF6-A756-4D20-8EAD-C71184C2885D}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{749210B3-5F53-42CC-86C2-379A7264611B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{790BA490-0CFB-4F92-B749-DEBE8F0AD74A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{827210B2-AE57-422B-BD80-6B68B30109C9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{85EF620F-A7E1-475E-85DD-4DC23D142556}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{95B42D3A-7C47-4271-B359-00A48924FE5A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{98411310-9261-48E2-80C7-060EB934B7D9}" = lport=137 | protocol=17 | dir=in | app=system |
"{9F257B91-7CB4-4FF1-BD9C-7E875D51BBC8}" = rport=2869 | protocol=6 | dir=out | app=system |
"{A99ED383-A05E-402F-9CA5-169E7348D571}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ADFBF8E6-0E52-4A6E-93A4-772D5C733DAC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B36217E9-EF3F-4B63-A447-32FEF5CD230B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CA438A3F-B0ED-41CD-9751-A6E08929BC02}" = rport=2869 | protocol=6 | dir=out | app=system |
"{CC1814C5-572E-4EAD-9EC3-40D81F8FA932}" = rport=139 | protocol=6 | dir=out | app=system |
"{D753C916-3C38-46B3-8009-D3572505862C}" = lport=445 | protocol=6 | dir=in | app=system |
"{E23B6669-B3AC-468E-9B98-CE0E36A17CBB}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E75AD56A-94D6-44D6-94CC-29768354BD51}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E867215D-5810-4816-9AED-933EE02A14B4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F4CB97E3-03B3-4AFC-BB62-E4D9C045BD10}" = rport=137 | protocol=17 | dir=out | app=system |
"{FE9D2720-F583-41EE-8FF9-5F4C9A21A7CC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FFB2775D-55D8-4296-B797-2FE9179A30D4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E1DB47-2699-4AB7-8355-6C50092CEB78}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{034B0246-1E97-4031-87BE-A9FCE0C73789}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{05D865E8-A330-40A6-BA33-AF173B841371}" = protocol=6 | dir=in | app=d:\hry\mass effect\binaries\masseffect.exe |
"{09627F44-8343-4E41-B355-A4B90F96E29D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{13518533-C6E9-4F21-9703-3C1861996E88}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1485EF3C-ECEC-4D5A-85D7-8A19BF8905E4}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\alien swarm\srcds.exe |
"{16852109-836D-4EF9-AE83-881B504D36D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{16D14BF1-B080-4F14-9493-D6C7B2282471}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{17A2B7D1-7360-4B2C-87C7-2677818D46A4}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{18831894-9A82-458E-8625-509AAF20F58C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1AF2C243-0593-49E9-8557-7C0E73F17341}" = protocol=17 | dir=in | app=d:\hry\mass effect\binaries\masseffect.exe |
"{1DC258F9-D619-45CE-961D-B859225D67E7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1F35F7BE-1E2E-410F-9A4B-0842199E38B6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{217F708F-EB68-4942-A7A3-B7E34A317CD5}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{25819D26-320E-4407-91D7-2B0DEA5E02A6}" = protocol=6 | dir=in | app=d:\hry\endwar\tom clancy's endwar\tom clancy's endwar launcher.exe |
"{25EA36A9-3418-48BB-AB9B-036B7EB838D1}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{2D059D21-44F1-4419-AE80-AFDAE44DA976}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{2E71BCEE-C9A8-44DB-9C42-BA0D0EE275B0}" = protocol=6 | dir=in | app=c:\program files\ubisoft\might & magic heroes vi - game official demo\might & magic heroes vi.exe |
"{30A4FA00-3DC6-41F8-AE6D-FB5F9F882D40}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\empire total war\empire.exe |
"{3460C4F2-6096-4DAA-AB35-E89088212E10}" = protocol=6 | dir=in | app=d:\hry\mass effect\masseffectlauncher.exe |
"{34C475F9-DC07-4F62-8441-66C9E176E4CD}" = protocol=6 | dir=in | app=d:\hry\arma 2\arma2.exe |
"{34F4491E-41CC-4378-985B-D76BFD866970}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3E1C4567-3F45-48F3-8DDC-216298092DC8}" = protocol=6 | dir=in | app=d:\hry\frontlines fuel of war\binaries\ffow.exe |
"{3E7176AA-3A9E-4E0E-A5D1-0787B66AB36F}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{409740F8-8A5D-4853-BB0F-EBC38A78D1BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4221E499-3664-4A02-8AF9-35A384702B53}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\empire total war\empire.exe |
"{43082EB7-13F5-48DE-975D-3BC6E4489EC4}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{446A22AF-B04E-44D9-A120-384319FBDFF2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{446E61EA-490F-43DA-87ED-C63CFCE2C55F}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{565E888D-733A-4F7D-AC62-AB2CE7F1637B}" = protocol=17 | dir=in | app=d:\hry\mass effect\masseffectlauncher.exe |
"{5F57CE0B-AA12-4DF9-84AA-9E5B0B781D93}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5FB825AF-87E3-471A-B828-D1EC98B319BB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\alien swarm\srcds.exe |
"{63A715CD-8C02-42B3-84D3-7F944D649D62}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{69C4CDB4-13F4-4743-A21B-A2EBEFABE285}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{6F17EFCB-3640-4AA0-8413-8463CACCF30E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{73BFDCEA-103F-4088-87FF-CCA94FB20DC7}" = protocol=17 | dir=in | app=d:\hry\arma2\arma2.exe |
"{7444A904-93F6-4E9C-B91B-7EEF1308A815}" = protocol=17 | dir=in | app=d:\hry\frontlines fuel of war\binaries\ffow.exe |
"{75EE18DD-0C12-4F22-B88A-1C162B2E3D87}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{78623E43-7391-4924-843A-ED29CEBC1A7C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{789E3305-1016-41E4-993D-7C1DCCE9DB8B}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{80577AA1-2727-4FBF-8132-5C5F4B1A5D44}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{8125462B-A0B8-40C5-B23F-5B3BE8A271AE}" = protocol=17 | dir=in | app=d:\hry\endwar\tom clancy's endwar\tom clancy's endwar launcher.exe |
"{827F4D88-03A3-4FCF-AF22-BC4DC0250B6E}" = protocol=17 | dir=in | app=d:\hry\arma 2 operation arrowhead\arma2oa.exe |
"{85390F2A-3FEE-4719-914F-BF6BCBA03770}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{8816032D-D604-42AE-95EA-E134960DE3F7}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{8D9A4098-1A35-4202-8E5F-0E24AFE1DF24}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{9536CC7F-34E1-4AD0-AC0E-0A0EF18AB2A1}" = protocol=17 | dir=in | app=d:\hry\battlefield bad company 2\bfbc2updater.exe |
"{9602F485-311D-4C61-941B-4B7F6264903D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\empire total war\empire.exe |
"{97885C75-470C-44A2-A5F0-35B6C9896631}" = protocol=6 | dir=in | app=d:\hry\arma 2 operation arrowhead\arma2oa.exe |
"{97AE1173-2991-47BA-A34F-9C085B4B9119}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{98D66C46-6CF0-4C87-A62D-6C71227701F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9CF5ADEF-6843-4F74-B513-757893B83742}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\empire total war\empire.exe |
"{9E77B54D-F2DC-49F5-9DE4-455759D7A14A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{9E92D4A3-D1F1-4092-926F-4D7BE9CD6F32}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{9EC72022-983F-4F3E-9FDC-4E67690D2EBA}" = protocol=17 | dir=in | app=c:\program files\ubisoft\might & magic heroes vi - game official demo\might & magic heroes vi.exe |
"{A906E980-971F-4C7A-AB5E-7D97DEF2261D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{AB503CD5-9800-4CED-81C4-169AFD0A5747}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{B4658CBD-7ABB-48BC-ADFB-964D6B142FCD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B58279B8-4BB1-4D10-A28E-AD49BA096644}" = protocol=17 | dir=in | app=d:\hry\endwar\tom clancy's endwar\binaries\endwar.exe |
"{C271792D-DAD0-4B47-BAFC-8A05FF5ED8A8}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{C34C9354-79CF-41BF-BB0B-74B59910710A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{C599A758-80EE-4EFE-838D-8D5C2BB955A4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C65A370C-A54E-4E58-A222-16D673E2B513}" = protocol=6 | dir=in | app=d:\hry\arma2\arma2.exe |
"{C768C3FF-F264-4323-B511-5286D2E7C5C3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CAF3D5E6-6113-47D0-ACDA-404A6B8838E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CB555629-7259-40FF-8A55-2F93FEC219BD}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{D260C53C-4A48-4753-B8DA-A267F14B22A3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D56F634C-9A2B-4EC0-BCC3-A128538ADD27}" = protocol=6 | dir=in | app=d:\hry\frontlines\binaries\ffow.exe |
"{DBFE2292-D652-4187-8BC1-575FD7125701}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{DD94065E-828B-4081-929C-FBF935EB89D0}" = protocol=6 | dir=in | app=d:\hry\battlefield bad company 2\bfbc2updater.exe |
"{E1C9C48D-8D29-476D-88F9-7ADDA25458D7}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{E26194D7-C2D3-4768-912F-53FECAB63217}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{E59E412B-7C8A-45B9-8D7F-8801C28E437D}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{E5A9558B-E065-4AD6-B248-B509410B5C51}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E8DBA7BF-A77E-4354-B14C-28BA43CB50BD}" = protocol=17 | dir=in | app=d:\hry\frontlines\binaries\ffow.exe |
"{EBF22EFE-544C-44F5-AEA4-A5E4E0342E2A}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{F073D264-0C50-4D88-8D9B-EC7DB9760C05}" = protocol=6 | dir=out | app=system |
"{F7E6A78E-1924-4FA9-B639-61AA0733DE60}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB25353B-0985-4629-9E92-E69AA266D72D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FB3225E5-2CAA-483F-85FA-1B194919D08D}" = protocol=6 | dir=in | app=d:\hry\endwar\tom clancy's endwar\binaries\endwar.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{0A590981-75A9-B968-4A29-718E5A8E1416}" = CCC Help Dutch
"{0E6B8EA7-4FDF-F730-8F28-05720874BE71}" = CCC Help Chinese Traditional
"{1003E625-BE5B-390B-7B60-D483D0B75A26}" = CCC Help Russian
"{1690611F-D4EA-A00D-DAAD-91D216869679}" = CCC Help Polish
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{26EED5E6-EC40-35A9-602A-C3CF03A9C1E6}" = CCC Help Portuguese
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2C33E65D-9187-8F2E-40D8-BD9E24E341FB}" = CCC Help Italian
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{36B6FF8B-38E3-E64C-F840-75F6AAEBE3EA}" = Catalyst Control Center Graphics Previews Common
"{38F6C932-2274-4897-479D-03AA6BA5B567}" = CCC Help Turkish
"{3AB00888-CA03-0BFD-3F3C-C877767192B0}" = CCC Help Swedish
"{3ACA2563-E786-BDD4-C87B-09909BB3F61C}" = CCC Help Thai
"{3AF144F9-849D-DEDA-BA4F-2EBA94A3CF10}" = ccc-utility
"{3BC2C64B-0DA0-974B-6311-AED4F3711DCE}" = CCC Help Danish
"{3C4AF931-D0B4-D0AF-24EE-37D5D5FA0908}" = AMD Catalyst Install Manager
"{43847868-7104-EC39-2A1A-BACE8D8C3426}" = Catalyst Control Center InstallProxy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2
"{5454085C-840F-4070-8FAA-441000038301}" = BioShock 2
"{5454085C-840F-4070-8FAA-441000038302}" = BioShock 2
"{5454085C-840F-4070-8FAA-441000038303}" = BioShock 2
"{5454085C-840F-4070-8FAA-441000038304}" = BioShock 2
"{5454085C-840F-4070-8FAA-441000038305}" = BioShock 2
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = AsusUpdate
"{5BAC4DE5-4062-EE34-3337-5F92FE5D5032}" = CCC Help Spanish
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7ADCABE0-E651-6EA5-5128-26E203DAA5E1}" = CCC Help Korean
"{7DA4FC0C-4FB3-45A2-8095-B2F7A9CF8135}" = AVG 2014
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8F80DAA3-8A1D-09E9-57E6-DB0223CF2CE4}" = CCC Help French
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6F1A4B7-4EFA-653F-98EB-BFD8C209FF1C}" = AMD Accelerated Video Transcoding
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AC76BA86-7AD7-5464-3428-7E8A450000A7}" = Spelling Dictionaries For Adobe Reader Package
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC71277-DE19-6505-8CBC-71D29163F44A}" = CCC Help German
"{B3406262-5701-E9CC-D6B3-BA38C34125A9}" = CCC Help English
"{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software
"{BBC2068D-CE9C-48F5-A6EA-4B44B9DB14A5}" = Catalyst Control Center - Branding
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BE46269C-3DB6-281D-07AC-E658A9768A8E}" = AMD Drag and Drop Transcoding
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C5B6078F-5D37-A122-2E6E-EDC623E8C787}" = CCC Help Czech
"{C7068E1F-22C6-9408-7B24-584F32F66D70}" = CCC Help Finnish
"{C87B855D-DD8F-E419-C640-34936E813EA9}" = CCC Help Greek
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE1CA06F-0AD8-CA2A-3A3A-872E8191C198}" = CCC Help Norwegian
"{CECECCED-B7F3-B1A3-3241-0C5D775F8E70}" = CCC Help Chinese Standard
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3CEF909-78DC-9D3D-37BD-52F5324C01DA}" = CCC Help Hungarian
"{D7241F38-7D90-794C-C77E-2F8DBEBED491}" = AMD Media Foundation Decoders
"{E52B76E9-F6DE-4EF1-BAFD-1684B037C7FA}_is1" = Dishonored version 1.2
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EEAFDDCF-0B0E-44DB-995B-886FB139CF1F}" = AVG 2014
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1EA61A2-B88F-44AD-3143-419ECB6C7E9A}" = CCC Help Japanese
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F5102A3B-0990-4E26-A289-5158D77F6455}" = GxStandard16-in-1
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6567C5A-C3EA-2E05-E89E-C8C52E33150D}" = Catalyst Control Center
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"{FE54AF33-9364-7053-670F-A15AD658214C}" = Catalyst Control Center Localization All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Alice's Magical Mahjong_is1" = Alice's Magical Mahjong
"AVG" = AVG 2014
"Call of Duty Black Ops II_is1" = Call of Duty Black Ops II v1.0.0.1
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2013-04-20
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Creative Sound Blaster Properties
"DAEMON Tools Lite" = DAEMON Tools Lite
"Darksiders II_is1" = Darksiders II
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV Player" = FLV Player 2.0 (build 25)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.37.426
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 9.00" = GPL Ghostscript 9.00
"Handset WinDriver" = Handset WinDriver 1.02.02.00
"InstallShield_{F5102A3B-0990-4E26-A289-5158D77F6455}" = 16-in-1
"Mozilla Firefox 25.0.1 (x86 cs)" = Mozilla Firefox 25.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Rockstar Games Social Club" = Rockstar Games Social Club
"Tibet Quest_is1" = Tibet Quest
"Totalcmd" = Total Commander (Remove or Repair)
"Tropical Fish Shop_is1" = Tropical Fish Shop
"Uninstall_is1" = Uninstall 1.0.0.1
"Update CZ 1.00" = Update CZ 1.00
"VLC media player" = VLC media player 1.1.8
"WinRAR archiver" = WinRAR

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28.8.2013 14:25:57 | Computer Name = John-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Setup.tmp, verze: 51.52.0.0, casové razítko:
0x2a425e19 Název chybujícího modulu: dsound.DLL, verze: 6.1.7600.16385, casové razítko:
0x4a5bd9fd Kód výjimky: 0xc0000005 Posun chyby: 0x00008ce3 ID chybujícího procesu:
0x1474 Cas spuštení chybující aplikace: 0x01cea41c08b7640f Cesta k chybující aplikaci:
C:\Users\John\AppData\Local\Temp\is-31LNI.tmp\Setup.tmp Cesta k chybujícímu modulu:
C:\Windows\system32\dsound.DLL ID zprávy: 47fa5985-100f-11e3-9a42-000272c30e73

Error - 28.8.2013 14:27:10 | Computer Name = John-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Setup.tmp, verze: 51.52.0.0, casové razítko:
0x2a425e19 Název chybujícího modulu: dsound.DLL, verze: 6.1.7600.16385, casové razítko:
0x4a5bd9fd Kód výjimky: 0xc0000005 Posun chyby: 0x00008893 ID chybujícího procesu:
0x11f0 Cas spuštení chybující aplikace: 0x01cea41c34bfd6c6 Cesta k chybující aplikaci:
C:\Users\John\AppData\Local\Temp\is-A7EMO.tmp\Setup.tmp Cesta k chybujícímu modulu:
C:\Windows\system32\dsound.DLL ID zprávy: 7332f659-100f-11e3-9a42-000272c30e73

Error - 5.10.2013 3:30:55 | Computer Name = John-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16502, casové
razítko: 0x51f08c68 Název chybujícího modulu: MSVCR71.dll, verze: 7.10.3052.4, casové
razítko: 0x3e561eac Kód výjimky: 0xc0000005 Posun chyby: 0x000017fb ID chybujícího
procesu: 0x13b0 Cas spuštení chybující aplikace: 0x01cec19c3b6431ec Cesta k chybující
aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu modulu:
C:\Windows\system32\MSVCR71.dll ID zprávy: 11839b32-2d90-11e3-a627-000272c30e73

Error - 5.10.2013 3:31:27 | Computer Name = John-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16502, casové
razítko: 0x51f08c68 Název chybujícího modulu: MSVCR71.dll, verze: 7.10.3052.4, casové
razítko: 0x3e561eac Kód výjimky: 0xc0000005 Posun chyby: 0x000017fb ID chybujícího
procesu: 0x11f4 Cas spuštení chybující aplikace: 0x01cec19ce481fa83 Cesta k chybující
aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu modulu:
C:\Windows\system32\MSVCR71.dll ID zprávy: 246d3acc-2d90-11e3-a627-000272c30e73

Error - 5.10.2013 3:31:33 | Computer Name = John-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16502, casové
razítko: 0x51f08c68 Název chybujícího modulu: MSVCR71.dll, verze: 7.10.3052.4, casové
razítko: 0x3e561eac Kód výjimky: 0xc0000005 Posun chyby: 0x000017fb ID chybujícího
procesu: 0x590 Cas spuštení chybující aplikace: 0x01cec19ce846a42f Cesta k chybující
aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu modulu:
C:\Windows\system32\MSVCR71.dll ID zprávy: 2869211e-2d90-11e3-a627-000272c30e73

Error - 5.10.2013 3:33:39 | Computer Name = John-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16502, casové
razítko: 0x51f08c68 Název chybujícího modulu: MSVCR71.dll, verze: 7.10.3052.4, casové
razítko: 0x3e561eac Kód výjimky: 0xc0000005 Posun chyby: 0x000017fb ID chybujícího
procesu: 0xc18 Cas spuštení chybující aplikace: 0x01cec19cd702293c Cesta k chybující
aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu modulu:
C:\Windows\system32\MSVCR71.dll ID zprávy: 734304c1-2d90-11e3-a627-000272c30e73

Error - 22.10.2013 12:12:34 | Computer Name = John-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: atieclxx.exe, verze: 6.14.11.1122, casové
razítko: 0x51780dcb Název chybujícího modulu: atieclxx.exe, verze: 6.14.11.1122,
casové razítko: 0x51780dcb Kód výjimky: 0xc0000005 Posun chyby: 0x0001544a ID chybujícího
procesu: 0x690 Cas spuštení chybující aplikace: 0x01cecf31367ee050 Cesta k chybující
aplikaci: C:\Windows\system32\atieclxx.exe Cesta k chybujícímu modulu: C:\Windows\system32\atieclxx.exe
ID zprávy: c22af67d-3b34-11e3-b11f-000272c30e73

Error - 3.11.2013 11:39:09 | Computer Name = John-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IELowutil.exe, verze: 10.0.9200.16521, casové
razítko: 0x51207c70 Název chybujícího modulu: msvcrt.dll, verze: 7.0.7601.17744,
casové razítko: 0x4eeaf722 Kód výjimky: 0x40000015 Posun chyby: 0x0005620a ID chybujícího
procesu: 0x1164 Cas spuštení chybující aplikace: 0x01ced8a3d72f0eba Cesta k chybující
aplikaci: C:\Program Files\Internet Explorer\IELowutil.exe Cesta k chybujícímu modulu:
C:\Windows\system32\msvcrt.dll ID zprávy: 141879c9-449e-11e3-a386-000272c30e73

Error - 15.11.2013 19:39:47 | Computer Name = John-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\Hry\The Elder Scrolls V Skyrim\skyrim4gb_helper.dll
se nezdarilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"
nelze najít. Podrobnejší diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 17.11.2013 11:01:07 | Computer Name = John-PC | Source = Application Hang | ID = 1002
Description = Program iexplore.exe verze 11.0.9600.16428 prestal spolupracovat se
systémem Windows a byl ukoncen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1268 Cas spuštení: 01cee3a45c54efa0 Cas ukoncení: 93 Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe ID hlášení:

[ System Events ]
Error - 16.11.2013 17:42:23 | Computer Name = John-PC | Source = BTHUSB | ID = 327685
Description = Ovladac Bluetooth ocekával událost HCI s urcitou velikostí, ale neobdržel
ji.

Error - 16.11.2013 17:43:14 | Computer Name = John-PC | Source = Service Control Manager | ID = 7011
Description = Pri cekání na odezvu transakce služby SysMain bylo dosaženo casového
limitu (30000 ms).

Error - 16.11.2013 18:18:24 | Computer Name = John-PC | Source = BTHUSB | ID = 327685
Description = Ovladac Bluetooth ocekával událost HCI s urcitou velikostí, ale neobdržel
ji.

Error - 17.11.2013 4:33:29 | Computer Name = John-PC | Source = BTHUSB | ID = 327685
Description = Ovladac Bluetooth ocekával událost HCI s urcitou velikostí, ale neobdržel
ji.

Error - 17.11.2013 10:40:48 | Computer Name = John-PC | Source = BTHUSB | ID = 327685
Description = Ovladac Bluetooth ocekával událost HCI s urcitou velikostí, ale neobdržel
ji.

Error - 17.11.2013 10:53:43 | Computer Name = John-PC | Source = BTHUSB | ID = 327685
Description = Ovladac Bluetooth ocekával událost HCI s urcitou velikostí, ale neobdržel
ji.

Error - 17.11.2013 14:10:16 | Computer Name = John-PC | Source = DCOM | ID = 10016
Description =

Error - 17.11.2013 14:10:16 | Computer Name = John-PC | Source = DCOM | ID = 10016
Description =

Error - 17.11.2013 14:12:29 | Computer Name = John-PC | Source = DCOM | ID = 10016
Description =

Error - 17.11.2013 14:12:29 | Computer Name = John-PC | Source = DCOM | ID = 10016
Description =


< End of report >

Narm
Visitor
Posts: 8
Registered: 16 Sep 2007 13:40

Re: Please check my log! I will be very grateful!

#6 Post by Narm »

OTL logfile created on: 17.11.2013 19:40:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\John\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

2,94 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 61,81% Memory free
5,87 Gb Paging File | 4,40 Gb Available in Paging File | 74,92% Paging File free
Paging file location(s): r:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 17,65 Gb Free Space | 36,21% Space Free | Partition Type: NTFS
Drive D: | 249,26 Gb Total Space | 72,70 Gb Free Space | 29,16% Space Free | Partition Type: NTFS

Computer Name: JOHN-PC | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.11.17 15:46:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe
PRC - [2013.10.27 13:44:22 | 000,829,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
PRC - [2013.10.07 18:54:20 | 004,908,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2013.10.03 21:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2013.09.25 20:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2013.09.15 22:08:30 | 000,895,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2013.09.03 21:22:16 | 000,588,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2013.08.20 22:03:42 | 000,728,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2013.04.24 17:52:28 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2013.04.24 17:51:52 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.09.02 09:14:56 | 003,343,360 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\GXStandard16in1.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.23 21:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Program Files\FreePDF_XP\fpassist.exe
PRC - [2011.01.17 23:30:46 | 001,803,224 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011.01.17 23:30:16 | 002,548,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2006.11.17 17:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTSched.exe
PRC - [2004.12.14 04:44:30 | 000,065,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe


========== Modules (No Company Name) ==========

MOD - [2013.11.02 01:17:21 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll
MOD - [2013.11.02 01:13:31 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll
MOD - [2013.11.02 01:13:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013.11.02 01:13:12 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013.11.02 01:12:35 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013.11.02 01:12:15 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013.11.02 01:11:47 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013.11.02 01:11:07 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013.08.29 11:53:47 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\03dc83fbe48384390aed7a455e949789\WindowsFormsIntegration.ni.dll
MOD - [2013.08.28 22:29:15 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013.08.28 22:28:39 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013.08.28 22:28:23 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013.08.12 10:40:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013.08.12 10:39:08 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\8f4a3d09bd38a742ccfe4a20a126fff5\UIAutomationProvider.ni.dll
MOD - [2013.08.12 10:38:14 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2012.03.09 00:36:36 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011.09.02 09:14:56 | 003,343,360 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\GXStandard16in1.exe
MOD - [2011.08.10 13:43:19 | 000,118,272 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\dll\DLL_Wheel4D.dll
MOD - [2011.06.24 17:31:26 | 000,891,392 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\Data\GxStandard16in1\Forms\KeyboardLEDForm\KeyboardLEDForm.dll
MOD - [2011.06.22 10:54:22 | 002,328,064 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\Data\GxStandard16in1\Forms\ScreenCapture\ScreenCapture.dll
MOD - [2011.04.12 15:14:04 | 000,063,488 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\dll\DLL_AnalyzeGesturesInRight.dll
MOD - [2011.04.06 16:06:05 | 000,067,072 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\dll\DLL_PenSuit.dll
MOD - [2011.03.23 01:59:08 | 002,263,552 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\libvlccore.dll
MOD - [2011.03.23 01:59:08 | 000,308,224 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\axvlc.dll
MOD - [2011.03.23 01:59:08 | 000,101,376 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\libvlc.dll
MOD - [2011.03.21 19:33:17 | 000,999,424 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\Data\GxStandard16in1\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
MOD - [2011.01.09 20:45:55 | 000,088,064 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\dll\DLL_MouseDeviceManager.dll
MOD - [2010.12.02 17:56:52 | 000,815,104 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\Data\GxStandard16in1\Forms\OSD_Text\OSD_Text.dll
MOD - [2010.11.13 03:37:08 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.13 03:37:03 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 02:53:44 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2010.11.05 02:53:33 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2010.11.01 20:16:00 | 000,062,976 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\dll\DLL_AnalyzeGesturesInOne.dll
MOD - [2010.09.20 14:18:57 | 000,085,504 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\dll\DLL_ZoomControl.dll
MOD - [2010.09.20 14:18:54 | 000,054,272 | ---- | M] () -- C:\Program Files\GXStandard16-in-1\dll\DLL_ScrollbarControl.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009.07.10 09:07:18 | 000,166,912 | ---- | M] () -- C:\Windows\System32\APOMngr.DLL
MOD - [2009.02.06 18:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\System32\CmdRtr.DLL


========== Services (SafeList) ==========

SRV - [2013.11.17 15:32:59 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013.11.16 23:13:13 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.11.16 12:20:20 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.10.03 21:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013.09.25 20:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013.09.05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.04.24 17:51:52 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.11 00:17:59 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.01.17 23:30:46 | 001,803,224 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\John\AppData\Local\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - [2013.09.25 19:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013.09.10 21:11:44 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013.09.08 21:12:16 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013.09.02 09:39:32 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013.09.02 09:28:06 | 000,145,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013.09.02 09:28:04 | 000,209,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013.09.02 09:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013.08.20 21:54:04 | 000,102,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013.08.01 15:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013.04.24 18:18:02 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2013.04.24 18:18:02 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2013.04.24 16:47:52 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.08.23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011.03.10 11:54:44 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.01.06 17:36:56 | 000,080,064 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011.01.06 17:36:56 | 000,035,768 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.01.06 17:36:54 | 000,236,600 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.04.07 12:16:16 | 000,376,160 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr61.sys -- (rt61x86)
DRV - [2009.10.16 02:11:56 | 001,168,896 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2009.10.13 02:16:02 | 000,049,152 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\l160x86.sys -- (AtcL001)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.01.25 23:40:06 | 000,012,288 | ---- | M] (gavotte) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rramdisk.sys -- (RRamdisk)
DRV - [2004.08.13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4288326655-1813414988-3894608783-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4288326655-1813414988-3894608783-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4288326655-1813414988-3894608783-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-4288326655-1813414988-3894608783-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\John\AppData\Roaming\IDM\idmmzcc5

[2012.01.27 18:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John\AppData\Roaming\Mozilla\Extensions
[2012.01.27 18:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John\AppData\Roaming\Mozilla\Extensions\MediaCoder
[2012.01.27 18:26:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John\AppData\Roaming\Mozilla\Extensions\MediaCoder-Setup-Wizard
[2013.10.25 12:38:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2zm55zb5.default\extensions
[2013.11.16 12:20:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.11.16 12:20:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-4288326655-1813414988-3894608783-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [P17RunE] C:\Windows\System32\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-18..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-19..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-20..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-21-4288326655-1813414988-3894608783-1000..\Run: [CreativeTaskScheduler] C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-4288326655-1813414988-3894608783-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4288326655-1813414988-3894608783-1000..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /schedule 300000 File not found
O4 - HKU\S-1-5-21-4288326655-1813414988-3894608783-1000..\Run: [OscarEditor] C:\Program Files\GXStandard16-in-1\GXStandard16in1.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\John\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm File not found
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3694B34-0F1B-497B-BD32-1198BB657756}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e2822add-4b03-11e0-8347-0018f38b57f9}\Shell - "" = AutoRun
O33 - MountPoints2\{e2822add-4b03-11e0-8347-0018f38b57f9}\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Narm
Visitor
Posts: 8
Registered: 16 Sep 2007 13:40

Re: Please check my log! I would be very grateful!

#7 Post by Narm »

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.11.17 15:46:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe
[2013.11.17 15:33:02 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013.11.17 15:33:02 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2013.11.17 15:33:02 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013.11.17 15:33:02 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.11.17 15:33:02 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.11.17 15:33:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.11.17 15:33:02 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.11.17 15:33:01 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.11.17 15:33:01 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.11.17 15:33:01 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.11.17 15:33:01 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.11.17 15:33:01 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.11.17 15:33:01 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.11.17 15:33:01 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2013.11.17 15:33:01 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.11.17 15:33:00 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.11.17 15:33:00 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.11.17 15:33:00 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013.11.17 15:33:00 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.11.17 15:33:00 | 000,238,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.11.17 15:33:00 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.11.17 15:33:00 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.11.17 15:33:00 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.11.17 15:33:00 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.11.17 15:33:00 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.11.17 15:33:00 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.11.17 15:33:00 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.11.17 15:32:59 | 004,240,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.11.17 15:32:59 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2013.11.17 15:32:59 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.11.17 15:32:59 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.11.17 15:32:59 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2013.11.17 15:32:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.11.17 15:32:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2013.11.17 15:32:59 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.11.17 15:32:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2013.11.17 15:32:59 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.11.17 15:32:59 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.11.17 15:32:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.11.17 15:32:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2013.11.17 15:32:58 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.11.17 15:32:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.11.17 15:32:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.11.17 15:31:17 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013.11.17 15:31:17 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013.11.16 23:31:28 | 000,000,000 | ---D | C] -- C:\rsit
[2013.11.16 23:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
[2013.11.16 23:15:47 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
[2013.11.16 23:10:38 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.11.16 23:10:38 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2013.11.16 23:10:33 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.11.16 23:10:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2013.11.16 23:10:15 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2013.11.16 23:10:15 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013.11.16 12:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.11.02 01:11:07 | 000,000,000 | R--D | C] -- C:\Users\John\Desktop\Saved Games
[2013.11.02 00:42:27 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2013.11.02 00:42:23 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2013.11.02 00:42:23 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2013.11.02 00:42:16 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.11.02 00:42:16 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.11.02 00:42:16 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2013.11.02 00:42:11 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.11.02 00:42:11 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013.11.02 00:42:10 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013.11.02 00:42:10 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2013.11.02 00:42:10 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013.11.02 00:42:10 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013.11.02 00:42:10 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2013.11.02 00:39:49 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013.11.02 00:39:49 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.11.02 00:39:49 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.11.02 00:39:49 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.11.02 00:39:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.11.02 00:39:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.11.02 00:39:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.11.02 00:39:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.11.02 00:39:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.11.02 00:39:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.11.02 00:39:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.11.02 00:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.10.28 13:33:03 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\ShinyTales
[2013.10.27 13:47:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
[2013.10.27 13:42:08 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\Macromedia
[2013.10.27 13:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013.10.25 12:31:53 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\Mozilla
[2013.10.25 12:31:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.10.25 12:31:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.11.17 19:44:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.17 19:43:36 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.11.17 15:56:44 | 000,631,138 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.11.17 15:56:44 | 000,623,890 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.11.17 15:56:44 | 000,123,564 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.11.17 15:56:44 | 000,107,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.11.17 15:48:26 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.17 15:48:26 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.17 15:46:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe
[2013.11.17 15:40:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.17 15:40:52 | 2364,940,288 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.17 15:33:02 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013.11.17 15:33:02 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2013.11.17 15:33:02 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013.11.17 15:33:02 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.11.17 15:33:02 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.11.17 15:33:02 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.11.17 15:33:02 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.11.17 15:33:01 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.11.17 15:33:01 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.11.17 15:33:01 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.11.17 15:33:01 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.11.17 15:33:01 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.11.17 15:33:01 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.11.17 15:33:01 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2013.11.17 15:33:01 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.11.17 15:33:00 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.11.17 15:33:00 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.11.17 15:33:00 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013.11.17 15:33:00 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.11.17 15:33:00 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.11.17 15:33:00 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.11.17 15:33:00 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.11.17 15:33:00 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.11.17 15:33:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.11.17 15:33:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.11.17 15:33:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.11.17 15:33:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.11.17 15:33:00 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013.11.17 15:32:59 | 004,240,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.11.17 15:32:59 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2013.11.17 15:32:59 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.11.17 15:32:59 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.11.17 15:32:59 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2013.11.17 15:32:59 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.11.17 15:32:59 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2013.11.17 15:32:59 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.11.17 15:32:59 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2013.11.17 15:32:59 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.11.17 15:32:59 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.11.17 15:32:59 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.11.17 15:32:59 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2013.11.17 15:32:58 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.11.17 15:32:58 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.11.17 15:32:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.11.16 23:30:45 | 000,781,383 | ---- | M] () -- C:\Users\John\Desktop\RSIT.exe
[2013.11.16 23:13:13 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.11.16 23:13:13 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.11.02 10:55:56 | 000,006,403 | ---- | M] () -- C:\Users\John\Desktop\t-34-85-improvized-schurzen-466.htm
[2013.11.02 01:10:06 | 000,341,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.10.27 13:35:10 | 000,001,397 | ---- | M] () -- C:\Users\John\Desktop\Internet Explorer.lnk
[2013.10.25 12:31:49 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.11.17 15:52:28 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.11.17 15:33:00 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013.11.16 23:30:45 | 000,781,383 | ---- | C] () -- C:\Users\John\Desktop\RSIT.exe
[2013.11.02 10:55:58 | 000,006,403 | ---- | C] () -- C:\Users\John\Desktop\t-34-85-improvized-schurzen-466.htm
[2013.10.27 13:40:12 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.10.27 13:35:10 | 000,001,397 | ---- | C] () -- C:\Users\John\Desktop\Internet Explorer.lnk
[2013.10.25 12:31:49 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.10.25 12:31:49 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.04.24 17:05:58 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013.04.24 17:05:58 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.11.13 16:14:17 | 000,000,092 | ---- | C] () -- C:\Users\John\AppData\Local\fusioncache.dat
[2012.03.09 00:26:20 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2012.03.06 18:59:32 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.01.31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.01.15 20:23:32 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011.06.22 17:25:40 | 000,005,632 | ---- | C] () -- C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.20 19:41:10 | 000,022,328 | ---- | C] () -- C:\Users\John\AppData\Roaming\PnkBstrK.sys
[2011.06.10 21:24:30 | 000,007,603 | ---- | C] () -- C:\Users\John\AppData\Local\Resmon.ResmonCfg
[2011.05.04 18:39:23 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2002.07.01 15:13:30 | 000,000,224 | -HS- | C] () -- C:\Users\John\AppData\Roaming\brun_nbeta12.dat

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.01.31 09:25:02 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.01.31 09:25:02 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2012.02.24 10:33:39 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Arkadium
[2013.09.29 15:00:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\AVG2014
[2012.03.19 13:22:00 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Awem
[2011.05.06 18:35:49 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Az-Art
[2011.07.11 20:28:16 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Bioshock2
[2012.01.29 16:05:39 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Boolat Games
[2012.01.27 18:31:00 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Broad Intelligence
[2011.03.09 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Brunhilda
[2011.03.09 22:15:25 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\CannyGames
[2011.03.10 11:56:55 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\DAEMON Tools Lite
[2011.09.02 23:08:03 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\DMCache
[2011.05.05 19:20:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.08 15:37:30 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Floodlight Games
[2011.10.16 10:17:24 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\FreePDF
[2011.05.28 18:40:20 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\FriendsGamesNetwork
[2011.04.22 20:49:52 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Funlinker
[2012.02.23 14:21:56 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Gaijin Ent
[2011.03.27 22:16:07 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\GHISLER
[2011.03.09 22:24:06 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Gold Casual Games
[2012.02.02 14:23:30 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\HdO Adventure
[2012.02.27 10:41:43 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\HitPoint Studios
[2012.03.19 14:34:16 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\IBAGroup
[2012.02.18 17:44:35 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\iWin
[2012.03.17 21:22:29 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Jewel Keepers Easter Island
[2011.03.09 22:20:09 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\kingdom
[2012.03.18 18:03:05 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\LaJangada
[2011.07.05 14:38:23 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\LestaStudio
[2011.03.09 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MagicMatch
[2011.03.09 22:16:35 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MAI
[2012.02.01 21:03:53 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Meridian93
[2011.06.27 22:19:36 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Merscom
[2012.11.12 09:28:00 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mikrotik
[2011.05.06 16:17:22 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MummyPuzzle
[2011.04.22 20:48:02 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\My Games
[2012.01.28 13:48:13 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mystery of Mortlake Mansion
[2012.01.24 20:20:52 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MysteryStudio
[2011.10.17 18:34:06 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nokia
[2011.07.17 18:10:37 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Opera
[2011.10.17 18:30:52 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PC Suite
[2012.02.27 14:26:45 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Pirateville
[2012.02.27 14:26:59 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PlayFirst
[2011.06.28 19:11:37 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Playrix Entertainment
[2012.07.15 00:13:13 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Prison Break
[2011.12.14 16:25:44 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\RainbowGames
[2011.03.09 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Saqqarah
[2011.04.06 14:07:25 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ShamanGS
[2011.03.09 22:20:48 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Shape games
[2013.10.28 13:33:03 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ShinyTales
[2011.03.09 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\StoneLoops!
[2011.10.03 21:09:03 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\The Creative Assembly
[2012.01.29 20:16:33 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\TitanicMystery
[2011.12.12 17:23:48 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Trio
[2013.07.04 20:33:57 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\TuneUp Software
[2012.02.18 18:55:56 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\URSE Games
[2011.07.06 14:09:45 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Val'Gor 2
[2011.07.06 14:08:48 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ValGor_2
[2012.02.03 20:35:35 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Vast Studios
[2012.11.25 20:38:33 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Wargaming.net
[2011.11.13 13:31:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Win7codecs
[2011.05.28 16:33:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\YoudaGames

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,578 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013.10.27 13:40:12 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2013.05.08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013.09.07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[21 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\729381effac1b5ef773ba06d921b9b1a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\729381effac1b5ef773ba06d921b9b1a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\866820ae117b9d8f22a2f9c78424d34e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\866820ae117b9d8f22a2f9c78424d34e\*.tmp -> ]
[6 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.06.10 17:51:22 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Adobe
[2011.03.09 18:52:21 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\AdobeUM
[2012.02.24 10:33:39 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Arkadium
[2011.03.09 21:54:02 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ATI
[2013.09.29 15:00:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\AVG2014
[2012.03.19 13:22:00 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Awem
[2011.05.06 18:35:49 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Az-Art
[2011.07.11 20:28:16 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Bioshock2
[2012.01.29 16:05:39 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Boolat Games
[2012.01.27 18:31:00 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Broad Intelligence
[2011.03.09 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Brunhilda
[2011.03.09 22:15:25 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\CannyGames
[2011.03.28 16:40:34 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\CyberLink
[2011.03.10 11:56:55 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\DAEMON Tools Lite
[2011.09.02 23:08:03 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\DMCache
[2012.02.19 20:26:40 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\dvdcss
[2011.05.05 19:20:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.08 15:37:30 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Floodlight Games
[2011.10.16 10:17:24 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\FreePDF
[2011.05.28 18:40:20 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\FriendsGamesNetwork
[2011.04.22 20:49:52 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Funlinker
[2012.02.23 14:21:56 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Gaijin Ent
[2011.03.27 22:16:07 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\GHISLER
[2011.03.09 22:24:06 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Gold Casual Games
[2012.02.02 14:23:30 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\HdO Adventure
[2012.02.27 10:41:43 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\HitPoint Studios
[2012.03.19 14:34:16 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\IBAGroup
[2011.03.09 18:23:34 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Identities
[2012.02.18 17:44:35 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\iWin
[2012.03.17 21:22:29 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Jewel Keepers Easter Island
[2011.03.09 22:20:09 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\kingdom
[2012.03.18 18:03:05 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\LaJangada
[2011.07.05 14:38:23 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\LestaStudio
[2011.03.10 11:18:01 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Macromedia
[2011.03.09 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MagicMatch
[2011.03.09 22:16:35 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MAI
[2009.07.14 08:48:45 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Media Center Programs
[2012.02.01 21:03:53 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Meridian93
[2011.06.27 22:19:36 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Merscom
[2013.11.04 12:39:53 | 000,000,000 | --SD | M] -- C:\Users\John\AppData\Roaming\Microsoft
[2012.11.12 09:28:00 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mikrotik
[2013.10.25 12:31:53 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla
[2011.05.06 16:17:22 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MummyPuzzle
[2011.04.22 20:48:02 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\My Games
[2012.01.28 13:48:13 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mystery of Mortlake Mansion
[2012.01.24 20:20:52 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MysteryStudio
[2011.12.28 00:24:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nero
[2011.10.17 18:34:06 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nokia
[2011.07.17 18:10:37 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Opera
[2011.10.17 18:30:52 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PC Suite
[2012.02.27 14:26:45 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Pirateville
[2012.02.27 14:26:59 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PlayFirst
[2011.06.28 19:11:37 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Playrix Entertainment
[2012.07.15 00:13:13 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Prison Break
[2011.12.14 16:25:44 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\RainbowGames
[2011.03.09 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Saqqarah
[2011.04.06 14:07:25 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ShamanGS
[2011.03.09 22:20:48 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Shape games
[2013.10.28 13:33:03 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ShinyTales
[2013.11.17 15:44:45 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Skype
[2011.09.23 09:13:23 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\skypePM
[2011.03.09 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\StoneLoops!
[2011.10.03 21:09:03 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\The Creative Assembly
[2012.01.29 20:16:33 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\TitanicMystery
[2011.12.12 17:23:48 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Trio
[2013.07.04 20:33:57 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\TuneUp Software
[2012.02.18 18:55:56 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\URSE Games
[2011.07.06 14:09:45 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Val'Gor 2
[2011.07.06 14:08:48 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ValGor_2
[2012.02.03 20:35:35 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Vast Studios
[2011.12.26 18:29:01 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\vlc
[2012.11.25 20:38:33 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Wargaming.net
[2011.11.13 13:31:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Win7codecs
[2011.03.12 10:54:00 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\WinRAR
[2011.05.28 16:33:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\YoudaGames

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.11.17 19:44:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.11.17 15:48:26 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.17 15:48:26 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.17 15:33:01 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2013.11.17 15:33:01 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2013.11.17 15:33:02 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elshyph.dll
[2013.11.16 23:13:13 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2013.11.16 23:13:13 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2013.11.17 15:33:01 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\html.iec
[2013.11.17 15:33:01 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2013.11.17 15:33:01 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ie4uinit.exe
[2013.11.17 15:32:59 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2013.11.17 15:33:01 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dat
[2013.11.17 15:33:01 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2013.11.17 15:33:00 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2013.11.17 15:32:59 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieetwcollector.exe
[2013.11.17 15:32:59 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieetwcollectorres.dll
[2013.11.17 15:32:59 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieetwproxystub.dll
[2013.11.17 15:32:58 | 011,220,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2013.11.17 15:32:59 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2013.11.17 15:33:01 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2013.11.17 15:33:02 | 002,166,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2013.11.17 15:33:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2013.11.17 15:32:58 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2013.11.17 15:32:58 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2013.11.17 15:33:00 | 000,016,284 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2013.11.17 15:33:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieUnatt.exe
[2013.11.17 15:33:00 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iexpress.exe
[2013.11.17 15:32:59 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2013.11.17 15:33:00 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetcpl.cpl
[2013.11.17 15:33:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2013.11.17 15:33:01 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\JavaScriptCollectionAgent.dll
[2013.11.17 15:32:59 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2013.11.17 15:32:59 | 004,240,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2013.11.17 15:32:59 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9diag.dll
[2013.11.17 15:33:02 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsIntl.dll
[2013.11.17 15:33:02 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2013.11.17 15:33:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2013.11.16 23:11:26 | 080,340,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MRT.exe
[2013.11.17 15:33:00 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2013.11.17 15:32:59 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2013.11.17 15:32:59 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedssync.exe
[2013.11.17 15:32:59 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshta.exe
[2013.11.17 15:33:00 | 017,142,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2013.11.17 15:33:00 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.tlb
[2013.11.17 15:32:59 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MshtmlDac.dll
[2013.11.17 15:33:00 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2013.11.17 15:32:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2013.11.17 15:33:00 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmlmedia.dll
[2013.11.17 15:33:02 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2013.11.17 15:33:02 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2013.11.17 15:33:02 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MsSpellCheckingFacility.exe
[2013.11.17 15:32:59 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2013.11.17 15:56:44 | 000,123,564 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.11.17 15:56:44 | 000,107,522 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.11.17 15:56:44 | 000,631,138 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.11.17 15:56:44 | 000,623,890 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.11.17 15:56:44 | 001,473,146 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2013.11.17 15:32:59 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2013.11.17 15:33:02 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RegisterIEPKEYs.exe
[2013.11.17 15:32:59 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetIEInstalledDate.exe
[2013.11.17 15:33:02 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdc.ocx
[2013.11.17 15:33:00 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2013.11.17 15:33:02 | 001,156,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2013.11.17 15:33:00 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2013.11.17 15:33:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2013.11.17 15:33:00 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wextract.exe
[2013.11.17 15:33:02 | 001,818,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2011.03.09 22:17:24 | 000,357,986 | ---- | M] () -- \Users\John\AppData\Local\GameHouse\Bejeweled3\cached\sounds\firework_crackle.wav
[2011.07.15 11:05:09 | 000,008,015 | ---- | M] () -- \Users\John\AppData\Roaming\LestaStudio\Nightmare Realm CE\profile1\hub_draughtroom_crack
[2011.07.15 11:05:09 | 000,040,548 | ---- | M] () -- \Users\John\AppData\Roaming\LestaStudio\Nightmare Realm CE\profile1\hub_draughtroom_crack_self
[2013.08.30 18:48:28 | 000,000,579 | ---- | M] () -- \Users\John\AppData\Roaming\Microsoft\Windows\Recent\Crack.lnk
[2013.05.10 19:40:24 | 000,000,952 | ---- | M] () -- \Users\John\AppData\Roaming\Microsoft\Windows\Recent\Darksiders II + Crack, Trainer.lnk
[2013.05.10 16:13:55 | 000,000,747 | ---- | M] () -- \Users\John\AppData\Roaming\Microsoft\Windows\Recent\Darksiders II + Crack, Trainer.part1.lnk

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2011.04.29 12:02:26 | 001,882,240 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\HttpVideoDownloader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2009.05.31 02:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.08 01:34:22 | 000,008,787 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderLargeBlue.gif
[2011.10.08 01:34:22 | 000,008,787 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderLargeGrey.gif
[2011.10.08 01:34:22 | 000,001,737 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderSmallBlue.gif
[2011.10.08 01:34:22 | 000,001,737 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderSmallGold.gif
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:62AC0CCE
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:14D29229
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:4EC7F009

< End of report >

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log! I'd be very grateful!

#8 Post by Márty84 »

I'd just like to ask: what about the legality of the system? Ultimate isn't exactly a common home edition.

Run a !!!complete!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Don't delete anything beforehand; it sometimes produces false detections.

25.12. locked for inactivity http://forum.viry.cz/viewtopic.php?f=12&t=123975
If you have a question that is not meant for the public, you can write to me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often now. If you have been waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).
