RogueKiller V8.4.2 [Dec 31 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : T-fon [Práva správce]
Mód : Kontrola -- Datum : 01/04/2013 08:10:18
¤¤¤ Škodlivé procesy: : 3 ¤¤¤
[SUSP PATH] M4-Service.exe -- C:\Users\T-fon\AppData\Local\Mikogo4\Host\Service\M4-Service.exe -> SMAZÁNO [TermProc]
[SUSP PATH] M4-Capture.exe -- C:\Users\T-fon\AppData\Local\Mikogo4\Host\Service\M4-Capture.exe -> SMAZÁNO [TermProc]
[SUSP PATH] mHotkey.exe -- C:\Windows\mHotkey.exe -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\Run : Adobe (C:\ProgramData\Adobe\5113C0.vbe) -> NALEZENO
[Services][ROGUE ST] HKLM\[...]\ControlSet002\Services\33165063 (C:\Windows\system32\DRIVERS\33165063.sys) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST3750528AS ATA Device +++++
--- User ---
[MBR] e19b0fea41e164ebf09956618639042f
[BSP] 9e59670d5bf35203ddada7595297c156 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 149997 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 307194930 | Size: 565397 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: M4-CT128M4SSD2 ATA Device +++++
--- User ---
[MBR] e5289a849b1da60aafc95435cfc71620
[BSP] f42bc8f0b1fa85ea2968ec5fc6ef8367 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 122002 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_01042013_02d0810.txt >>
RKreport[1]_S_01042013_02d0810.txt
Program svchost.exe přestal pracovat + Vyřešeno
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Program svchost.exe přestal pracovat
aha , účet...
AVP tools --no jen ty nákazy , ne celý log..
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
C:\Users\T-fon\AppData\Local\Temp\svchost.exe
smažeme potom..
ESET OnlineScan
Poznámka:
Je doporučeno mít během skenu vypnutý antivirový a antispywarový program .Zároveň se doporučuje mít zavřeny všechny ostatní okna , programy a nesurfovat po netu. Po skončení skenu si nezapomeň zase ochrany antiviru a antispywaru zapnout.Je doporučeno použít pro kontrolu prohlížeč Internet Explorer , jinak je nutno nainstalovat ESET Smart Installer a po skončení skenu vše zase řádně odinstalovat.
1. Klikni na ESET OnlineScan
2. Klikni na tlačítko Run ESET Online Scanner
3. Jen pro jiné prohlížeče než je Internet Explorer ( Ti , co mají spuštěn IE mohou toto přeskočit)
3.1. Klikni na esetsmartinstaller_enu.exe ke stáhnutí ESET Smart Installeru , ulož si soubor na svojí plochu.
3.2. Poklepej na ploše na ikonu esetsmartinstaller_enu
4. Dej zatržítko do čtverečku YES , I accept the Terms of Use. ( k potvrzení podmínek užití)
5. Klikni na tlačítko Start
6. Akceptuj další bezpečnostní varování ze svého prohlížeče. Nainstaluj si ovl.prvek ActiveX
7. Dej zatržítko do čtverečku Scan archives
8. Ujisti se , že volba "Remove found threats" je nezaškrtnuta
9. Když se objeví display nastavení skenu počítače , klikni na Advanced settings , a dej zatržítko na :
Enable Anti-Stealth technology (pokud není již zatržena)
10. Klikni na tlačítko Start
11. ESET si pak stáhne svojí aktualizaci , nainstaluje jí a poté začne skenovat Tvůj počítač
12. Když bude sken hotov , klikni na šipku List of found threads
13. Klikni na tlačítko Export to text file , a soubor si ulož pod nějakým jménem na svojí plochu
14. Klikni na tlačítko Back
15. Klikni na tlačítko Finish
Celý obsah textového souboru , který sis uložil na plochu sem prosím vlož.
AVP tools --no jen ty nákazy , ne celý log..
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
C:\Users\T-fon\AppData\Local\Temp\svchost.exe
smažeme potom..
ESET OnlineScan
Poznámka:
Je doporučeno mít během skenu vypnutý antivirový a antispywarový program .Zároveň se doporučuje mít zavřeny všechny ostatní okna , programy a nesurfovat po netu. Po skončení skenu si nezapomeň zase ochrany antiviru a antispywaru zapnout.Je doporučeno použít pro kontrolu prohlížeč Internet Explorer , jinak je nutno nainstalovat ESET Smart Installer a po skončení skenu vše zase řádně odinstalovat.
1. Klikni na ESET OnlineScan
2. Klikni na tlačítko Run ESET Online Scanner
3. Jen pro jiné prohlížeče než je Internet Explorer ( Ti , co mají spuštěn IE mohou toto přeskočit)
3.1. Klikni na esetsmartinstaller_enu.exe ke stáhnutí ESET Smart Installeru , ulož si soubor na svojí plochu.
3.2. Poklepej na ploše na ikonu esetsmartinstaller_enu
4. Dej zatržítko do čtverečku YES , I accept the Terms of Use. ( k potvrzení podmínek užití)
5. Klikni na tlačítko Start
6. Akceptuj další bezpečnostní varování ze svého prohlížeče. Nainstaluj si ovl.prvek ActiveX
7. Dej zatržítko do čtverečku Scan archives
8. Ujisti se , že volba "Remove found threats" je nezaškrtnuta
9. Když se objeví display nastavení skenu počítače , klikni na Advanced settings , a dej zatržítko na :
Enable Anti-Stealth technology (pokud není již zatržena)
10. Klikni na tlačítko Start
11. ESET si pak stáhne svojí aktualizaci , nainstaluje jí a poté začne skenovat Tvůj počítač
12. Když bude sken hotov , klikni na šipku List of found threads
13. Klikni na tlačítko Export to text file , a soubor si ulož pod nějakým jménem na svojí plochu
14. Klikni na tlačítko Back
15. Klikni na tlačítko Finish
Celý obsah textového souboru , který sis uložil na plochu sem prosím vlož.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Program svchost.exe přestal pracovat
Výsledky z Esetu:
C:\ProgramData\Adobe\5113C0.vbe VBS/CoinMiner.C trojan
C:\Users\All Users\Adobe\5113C0.vbe VBS/CoinMiner.C trojan
Co se tyka AVP tool, netuším, jak vybrat jen nákazy, když log má přes 4 miliony řádků.
C:\ProgramData\Adobe\5113C0.vbe VBS/CoinMiner.C trojan
C:\Users\All Users\Adobe\5113C0.vbe VBS/CoinMiner.C trojan
Co se tyka AVP tool, netuším, jak vybrat jen nákazy, když log má přes 4 miliony řádků.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Program svchost.exe přestal pracovat
Pokud se Ti log nezobrazí:
Pokud máš AVPtool stále zapnutý, zkus zmáčknout tlačítko Zpráva (Report).
Pokud se Ti zobrazí tabulka, klikni na ní pravým myšítkem a dej Maximalize a měli by se Ti zobrazit výsledky.
To si dělal?
Znovu:
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
C:\Users\T-fon\AppData\Local\Temp\svchost.exe
C:\ProgramData\Adobe\5113C0.vbe VBS/CoinMiner.C trojan
C:\Users\All Users\Adobe\5113C0.vbe VBS/CoinMiner.C trojan
Smažeme v něm.
Pokud máš AVPtool stále zapnutý, zkus zmáčknout tlačítko Zpráva (Report).
Pokud se Ti zobrazí tabulka, klikni na ní pravým myšítkem a dej Maximalize a měli by se Ti zobrazit výsledky.
To si dělal?
Znovu:
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
C:\Users\T-fon\AppData\Local\Temp\svchost.exe
C:\ProgramData\Adobe\5113C0.vbe VBS/CoinMiner.C trojan
C:\Users\All Users\Adobe\5113C0.vbe VBS/CoinMiner.C trojan
Smažeme v něm.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Program svchost.exe přestal pracovat
s tim AVP jsem asi něco udělal špatně, ale Report jsem zmáčknul, zobrazila se tabulka, tu jsem uložil a výsledek je ten 700 MB soubor s 4milionama řádků :(
Extras:
OTL Extras logfile created on: 5.1.2013 13:09:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\T-fon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,96 Gb Total Physical Memory | 6,22 Gb Available Physical Memory | 78,16% Memory free
15,92 Gb Paging File | 13,88 Gb Available in Paging File | 87,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 32,23 Gb Free Space | 27,05% Space Free | Partition Type: NTFS
Drive F: | 146,48 Gb Total Space | 135,55 Gb Free Space | 92,54% Space Free | Partition Type: NTFS
Drive G: | 552,15 Gb Total Space | 94,13 Gb Free Space | 17,05% Space Free | Partition Type: NTFS
Computer Name: TONDA | User Name: T-fon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Max3.Association.HTML] -- C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{036B00F3-6F6A-45DB-AC2D-00A2A43A15E5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08704E19-CC56-444B-B2E1-402F789A3FA7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0DF5C7CB-CA21-4B15-BF84-4DD40D29D604}" = rport=2869 | protocol=6 | dir=out | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1D29B9ED-524D-42B3-A34A-57B95D6E10C1}" = lport=18343 | protocol=17 | dir=in | name=bitcomet 18343 udp |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{32BF13BF-8668-4E11-8FA3-83B1B558B4DE}" = lport=5357 | protocol=6 | dir=in | app=system |
"{366380C3-1FCC-4616-A841-286671B632CB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A23AC7C-CA60-49A7-A725-E3610716A61F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4A0777F4-79C9-44D8-8D9C-32A236FF7CDF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6B209DD6-AEA2-463C-8606-D46070ADFFB9}" = lport=138 | protocol=17 | dir=in | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FBC2C92-F34F-47D9-B4E7-91EB9D8B334D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{748ABD3C-7009-46F2-9A7D-AC4D0529AFA9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{79A41806-61B0-41B7-B362-7A7A0044ABB2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{7E062AC1-44A1-4A52-A70F-F2500DDF4E96}" = rport=138 | protocol=17 | dir=out | app=system |
"{83D7A38A-0782-4C1F-B123-7E01C9DAF878}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8475C4DF-5681-4490-94FD-CB98312EF174}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8CA2D067-322F-4D15-BE92-13E13129F397}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A5126662-21F9-4378-85D4-B11567384E97}" = rport=445 | protocol=6 | dir=out | app=system |
"{A7563025-6870-408A-8224-8581B31DA343}" = rport=5358 | protocol=6 | dir=out | app=system |
"{A840D6F6-FB09-4F8C-9383-4B0E407D497B}" = lport=18343 | protocol=6 | dir=in | name=bitcomet 18343 tcp |
"{A87A3901-1CF0-453B-B2BD-6F5E3C8238D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{A8D7EE96-F2A5-42C4-BE65-1EAB0DC364C8}" = lport=18343 | protocol=6 | dir=in | name=bitcomet 18343 tcp |
"{AEC01129-2984-46A0-B042-E9F08E5EC5B1}" = lport=139 | protocol=6 | dir=in | app=system |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B866E72B-ECBD-4434-8C36-A4ABB04F70F5}" = lport=445 | protocol=6 | dir=in | app=system |
"{B96AB7B7-8345-4E5E-A521-A99C2BBBCA82}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BFAECC8A-8193-4839-B549-90DB142B13FA}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CE2606B5-A296-4699-8889-59FD34A14FAF}" = lport=5358 | protocol=6 | dir=in | app=system |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D3366B47-54A4-4FC1-8009-7A82ADE77E77}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D4C9BAFA-447C-43F6-A79E-BACE59960096}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D68DF80B-450D-4EA1-8FC2-A54C435E662D}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D861D7E3-1561-4A14-B552-89E3B92D0039}" = lport=18343 | protocol=17 | dir=in | name=bitcomet 18343 udp |
"{D9976B26-EDC0-4A8D-BF55-D6671EB66D86}" = rport=139 | protocol=6 | dir=out | app=system |
"{DB3303BD-D0C4-44B4-A317-59F174EF4F4A}" = rport=5357 | protocol=6 | dir=out | app=system |
"{E1FE83F3-D290-4411-8989-2DB66C83D4DA}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{E3559E3F-74DE-448D-8816-9437624D5331}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EEAD4ED4-1DA9-426C-8F23-799BC51DAB7A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F1C12E4B-CB53-48AC-8A04-17A14C88A836}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F731CE9F-2D8F-4539-B495-66A5E95F3C6C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F81BC6A5-0925-4F9E-AE30-8B61B38268D8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FCF84DBC-598A-46CA-B2B3-31DAD56CBB23}" = lport=137 | protocol=17 | dir=in | app=system |
"{FE1F91FD-23D4-4EA0-8EE1-510882CE1739}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FFCA0348-A3DA-454F-9DE7-003503D747E5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{00905BDD-BEF5-4ED7-9ED4-0B405D08333B}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0DF36F20-AB0B-4A49-AD90-F860DEEE7293}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{17B236A7-679C-4680-8E69-EE4D34F629AE}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{2664E7E2-EB96-49FD-B70E-979113F22598}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2985CA6A-FFBA-421C-8B00-871B10197300}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A4C3441-B3FA-49E3-993F-5CA2411EBBB4}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{2B493CED-7ADF-4415-9A6E-E3466A33D141}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2BCE6BA6-75AE-4547-B971-4335DD11283A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2F1A751B-96E8-405D-86ED-EC17DA403FD0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{31EDF6F7-D82A-44F9-9600-934E55FC3195}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{3B6ABEA9-5E4B-4F80-961A-741AE5A96236}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3EA45075-3E86-455E-9A10-71044D01159C}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{4512EEFB-CDED-4F4D-96C0-325C9E006D6A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{48447B24-C3FB-4844-971B-2B7D6ED775F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4E5A9355-BA98-43B2-80CB-E325D050E28A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F988FC8-B8FB-4DC1-B8B4-37B4FCF9AF74}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{54EA50F4-AEF8-44EC-930B-9C83F10D3A2C}" = protocol=6 | dir=out | app=system |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6136DE08-EDB4-48CD-A89F-021BD9883236}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{67B99007-FD23-4131-A4F7-81AFEB34A1E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6CFC8683-9252-4BAF-85BF-C5B569021AB1}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{6FEE3E61-4C94-40D8-A6C8-0CF8D05D616B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73DBFF2F-3A18-4B62-8C04-2423A09AD460}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{82C8A46D-C748-4088-A16A-4991E361CDE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83C05C27-23D2-4085-81F0-378F56E5B979}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{88F07AFF-019D-487F-9C84-AC2CDC813174}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{9017A44F-9F47-4002-90B8-061F8444B6EF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{959F5F95-D5C3-4A6A-8B3B-2D0F7902A61F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{96FC1202-357F-43A8-A02D-2B0744B47997}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9784731A-491C-4D78-BACA-35B0D61DF59B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9ED2B25F-08F1-468B-873D-CEB924E8EA8E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AAC7DFE8-1CFE-49A8-9B64-AD2E07D177B3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF5E3A94-D0FD-480A-B290-EC80A0A42366}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{B0512634-9A7E-4623-AE44-C6C80774C043}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B78D8C5E-7B8E-4B68-9753-78B7D4B4E1B9}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{BE3AE80E-7C1D-4221-A76B-9282DB276BB1}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{C09E5A2B-0103-4D84-A1BC-4364F756B066}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D245C68F-8362-4AF8-ABD5-79A6A5ADCA12}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D45FF0C5-6A12-4D5D-95C3-546327503D6C}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{D717EBE2-2C47-4D79-AD45-6D1F3F4E09FB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DCB9952A-4A8A-419D-B17D-CC2B45B0C768}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{E1A6CB38-1161-49CC-9930-E38FB1171BEA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E82958F3-5593-4501-A463-2226D36A690E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F782F663-FAB9-4528-A53B-4AF12A980CC4}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FFDF18E2-8708-4052-9304-3F764FA1B0EA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{119CFC4D-EB75-D47F-1209-032721858C32}" = ccc-utility64
"{14297226-E0A0-3781-8911-E9D529552663}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5783F2D7-A001-0405-0102-0060B0CE6BBA}" = AutoCAD 2012 - Czech
"{5783F2D7-A001-0405-1102-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - Czech
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUS_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUS_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUS_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUS_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUS_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A73F0084-A1CC-6E42-06DF-D088D583CC2A}" = AMD Media Foundation Decoders
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{E552C39C-C70E-464F-9733-8311331BDD90}" = Jazykový balíček modulu plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012
"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F809FFB5-6F9B-AFDE-6048-5D9E95A85505}" = AMD Drag and Drop Transcoding
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Jazykový balíček Autodesk Inventor Fusion 2012
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"AutoCAD 2012 - Czech" = AutoCAD 2012 - Czech
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"CCleaner" = CCleaner
"HoldemManager" = Holdem Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{13AE7598-928A-83E7-548B-44FA68242798}" = CCC Help English
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{211D9A2A-0ECA-7AC7-ABAA-03ED3242F33E}" = Catalyst Control Center
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Photo Manager 2009
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{40BF1520-BAB7-4B38-A2FB-C474A888FACA}" = The Bat! Professional v3.99.3
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0626.1
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4F896DE0-EF26-11D5-BBEC-00D0B740900A}" = Multimedia keyboard driver Ver1.07
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{5C4ED859-875F-4299-AA2C-E0E393BDCD21}" = ScanSoft PaperPort 11
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-195C
"{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1" = PokerStove version 1.24
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86F0D54A-8774-E4B9-F616-A2F34F518FCB}" = Winamax Poker
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B2FB44C8-6E0D-4FDF-9E85-B765F50CE5B1}" = TableNinja
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4525BC6-FBDC-469E-AC39-AA18F8E4C69A}" = TableNinja
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD2159B1-587B-4D2D-BBA7-E4DED642836B}" = InfoMapa 18
"{FECCC297-24D6-F2B0-2BEC-446AC0205EEB}" = Catalyst Control Center Graphics Previews Common
"ACDSee 2009 Photo Manager Build 85" = Čeština do ACDSee 2009 Photo Manager Build 85
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Betfair Poker JPC_is1" = Betfair Poker JPC 1.0.0
"Betfair Poker_is1" = Betfair Poker 1.0.0
"BitComet" = BitComet 1.23
"BSPlayerp" = BS.Player PRO
"Cyklotrasy 2.27" = Cyklotrasy 2.27
"DivX Codec" = Remove DivX Pro Codec
"GOM Player" = GOM Player
"HoldemManager" = Holdem Manager
"HoldemManager2" = Holdem Manager 2
"IETester" = IETester v0.4.11 (remove only)
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0626.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Maxthon3" = Maxthon 3
"Mozilla Firefox 10.0.1 (x86 cs)" = Mozilla Firefox 10.0.1 (x86 cs)
"Nokia Suite" = Nokia Suite
"Opera 11.61.1250" = Opera 11.61
"Orcs Must Die!_is1" = Orcs Must Die!
"PartyPoker" = PartyPoker
"Picasa 3" = Picasa 3
"PokerStars" = PokerStars
"PokerStars.fr" = PokerStars.fr
"PostgreSQL 8.4" = PostgreSQL 8.4
"PowerISO" = PowerISO
"SitNGoWizard" = SitNGo Wizard
"Titan Poker" = Titan Poker
"Totalcmd" = Total Commander (Remove or Repair)
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Universal Replayer" = Universal Replayer
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3.1.2013 17:38:21 | Computer Name = Tonda | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7004
Error - 4.1.2013 2:57:18 | Computer Name = Tonda | Source = Application Hang | ID = 1002
Description = Program NOTEPAD.EXE verze 6.1.7600.16385 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 23f8 Čas spuštění: 01cdea487bde2bc8 Čas ukončení: 3 Cesta k aplikaci: C:\Windows\system32\NOTEPAD.EXE
ID
hlášení: f74debb5-563b-11e2-8aef-902b345b6de5
Error - 4.1.2013 17:00:47 | Computer Name = Tonda | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe, verze: 0.0.0.0, časové razítko:
0x50338ad3 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu: 0x944 Čas spuštění
chybující aplikace: 0x01cdeabe913c4514 Cesta k chybující aplikaci: C:\Users\T-fon\AppData\Local\Temp\svchost.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: cf886cd2-56b1-11e2-a387-902b345b6de5
Error - 4.1.2013 17:02:22 | Computer Name = Tonda | Source = WinMgmt | ID = 10
Description =
Error - 4.1.2013 17:08:08 | Computer Name = Tonda | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\T-fon\Desktop\esetsmartinstaller_enu.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 4.1.2013 17:08:21 | Computer Name = Tonda | Source = Application Hang | ID = 1002
Description = Program NOTEPAD.EXE verze 6.1.7600.16385 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 6ec Čas spuštění: 01cdeabf578e2b27 Čas ukončení: 10 Cesta k aplikaci: C:\Windows\system32\NOTEPAD.EXE
ID
hlášení: d8ed2b93-56b2-11e2-a387-902b345b6de5
Error - 4.1.2013 17:08:24 | Computer Name = Tonda | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\T-fon\Desktop\esetsmartinstaller_enu.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 5.1.2013 4:02:52 | Computer Name = Tonda | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe, verze: 0.0.0.0, časové razítko:
0x50338ad3 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu: 0xf48 Čas spuštění
chybující aplikace: 0x01cdeb1b0e9d4412 Cesta k chybující aplikaci: C:\Users\T-fon\AppData\Local\Temp\svchost.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 4d7147b5-570e-11e2-8a82-902b345b6de5
Error - 5.1.2013 4:04:28 | Computer Name = Tonda | Source = WinMgmt | ID = 10
Description =
Error - 5.1.2013 8:05:13 | Computer Name = Tonda | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe, verze: 0.0.0.0, časové razítko:
0x50338ad3 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu: 0xf84 Čas spuštění
chybující aplikace: 0x01cdeb3cea2e6bff Cesta k chybující aplikaci: C:\Users\T-fon\AppData\Local\Temp\svchost.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 2879b119-5730-11e2-af5c-902b345b6de5
Error - 5.1.2013 8:06:49 | Computer Name = Tonda | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 2.1.2013 13:04:33 | Computer Name = Tonda | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.
Error - 3.1.2013 13:01:44 | Computer Name = Tonda | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater13.2.0 neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 3.1.2013 13:01:50 | Computer Name = Tonda | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.
Error - 4.1.2013 3:09:53 | Computer Name = Tonda | Source = Service Control Manager | ID = 7034
Description = Služba M4-Service byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 4.1.2013 17:00:44 | Computer Name = Tonda | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater13.2.0 neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 4.1.2013 17:00:50 | Computer Name = Tonda | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.
Error - 5.1.2013 4:02:48 | Computer Name = Tonda | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater13.2.0 neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 5.1.2013 4:02:55 | Computer Name = Tonda | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.
Error - 5.1.2013 8:05:10 | Computer Name = Tonda | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater13.2.0 neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 5.1.2013 8:05:14 | Computer Name = Tonda | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.
< End of report >
Extras:
OTL Extras logfile created on: 5.1.2013 13:09:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\T-fon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,96 Gb Total Physical Memory | 6,22 Gb Available Physical Memory | 78,16% Memory free
15,92 Gb Paging File | 13,88 Gb Available in Paging File | 87,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 32,23 Gb Free Space | 27,05% Space Free | Partition Type: NTFS
Drive F: | 146,48 Gb Total Space | 135,55 Gb Free Space | 92,54% Space Free | Partition Type: NTFS
Drive G: | 552,15 Gb Total Space | 94,13 Gb Free Space | 17,05% Space Free | Partition Type: NTFS
Computer Name: TONDA | User Name: T-fon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Max3.Association.HTML] -- C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{036B00F3-6F6A-45DB-AC2D-00A2A43A15E5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08704E19-CC56-444B-B2E1-402F789A3FA7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0DF5C7CB-CA21-4B15-BF84-4DD40D29D604}" = rport=2869 | protocol=6 | dir=out | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1D29B9ED-524D-42B3-A34A-57B95D6E10C1}" = lport=18343 | protocol=17 | dir=in | name=bitcomet 18343 udp |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{32BF13BF-8668-4E11-8FA3-83B1B558B4DE}" = lport=5357 | protocol=6 | dir=in | app=system |
"{366380C3-1FCC-4616-A841-286671B632CB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A23AC7C-CA60-49A7-A725-E3610716A61F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4A0777F4-79C9-44D8-8D9C-32A236FF7CDF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6B209DD6-AEA2-463C-8606-D46070ADFFB9}" = lport=138 | protocol=17 | dir=in | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FBC2C92-F34F-47D9-B4E7-91EB9D8B334D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{748ABD3C-7009-46F2-9A7D-AC4D0529AFA9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{79A41806-61B0-41B7-B362-7A7A0044ABB2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{7E062AC1-44A1-4A52-A70F-F2500DDF4E96}" = rport=138 | protocol=17 | dir=out | app=system |
"{83D7A38A-0782-4C1F-B123-7E01C9DAF878}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8475C4DF-5681-4490-94FD-CB98312EF174}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8CA2D067-322F-4D15-BE92-13E13129F397}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A5126662-21F9-4378-85D4-B11567384E97}" = rport=445 | protocol=6 | dir=out | app=system |
"{A7563025-6870-408A-8224-8581B31DA343}" = rport=5358 | protocol=6 | dir=out | app=system |
"{A840D6F6-FB09-4F8C-9383-4B0E407D497B}" = lport=18343 | protocol=6 | dir=in | name=bitcomet 18343 tcp |
"{A87A3901-1CF0-453B-B2BD-6F5E3C8238D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{A8D7EE96-F2A5-42C4-BE65-1EAB0DC364C8}" = lport=18343 | protocol=6 | dir=in | name=bitcomet 18343 tcp |
"{AEC01129-2984-46A0-B042-E9F08E5EC5B1}" = lport=139 | protocol=6 | dir=in | app=system |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B866E72B-ECBD-4434-8C36-A4ABB04F70F5}" = lport=445 | protocol=6 | dir=in | app=system |
"{B96AB7B7-8345-4E5E-A521-A99C2BBBCA82}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BFAECC8A-8193-4839-B549-90DB142B13FA}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CE2606B5-A296-4699-8889-59FD34A14FAF}" = lport=5358 | protocol=6 | dir=in | app=system |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D3366B47-54A4-4FC1-8009-7A82ADE77E77}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D4C9BAFA-447C-43F6-A79E-BACE59960096}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D68DF80B-450D-4EA1-8FC2-A54C435E662D}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D861D7E3-1561-4A14-B552-89E3B92D0039}" = lport=18343 | protocol=17 | dir=in | name=bitcomet 18343 udp |
"{D9976B26-EDC0-4A8D-BF55-D6671EB66D86}" = rport=139 | protocol=6 | dir=out | app=system |
"{DB3303BD-D0C4-44B4-A317-59F174EF4F4A}" = rport=5357 | protocol=6 | dir=out | app=system |
"{E1FE83F3-D290-4411-8989-2DB66C83D4DA}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{E3559E3F-74DE-448D-8816-9437624D5331}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EEAD4ED4-1DA9-426C-8F23-799BC51DAB7A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F1C12E4B-CB53-48AC-8A04-17A14C88A836}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F731CE9F-2D8F-4539-B495-66A5E95F3C6C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F81BC6A5-0925-4F9E-AE30-8B61B38268D8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FCF84DBC-598A-46CA-B2B3-31DAD56CBB23}" = lport=137 | protocol=17 | dir=in | app=system |
"{FE1F91FD-23D4-4EA0-8EE1-510882CE1739}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FFCA0348-A3DA-454F-9DE7-003503D747E5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{00905BDD-BEF5-4ED7-9ED4-0B405D08333B}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0DF36F20-AB0B-4A49-AD90-F860DEEE7293}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{17B236A7-679C-4680-8E69-EE4D34F629AE}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{2664E7E2-EB96-49FD-B70E-979113F22598}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2985CA6A-FFBA-421C-8B00-871B10197300}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A4C3441-B3FA-49E3-993F-5CA2411EBBB4}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{2B493CED-7ADF-4415-9A6E-E3466A33D141}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2BCE6BA6-75AE-4547-B971-4335DD11283A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2F1A751B-96E8-405D-86ED-EC17DA403FD0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{31EDF6F7-D82A-44F9-9600-934E55FC3195}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{3B6ABEA9-5E4B-4F80-961A-741AE5A96236}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3EA45075-3E86-455E-9A10-71044D01159C}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{4512EEFB-CDED-4F4D-96C0-325C9E006D6A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{48447B24-C3FB-4844-971B-2B7D6ED775F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4E5A9355-BA98-43B2-80CB-E325D050E28A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F988FC8-B8FB-4DC1-B8B4-37B4FCF9AF74}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{54EA50F4-AEF8-44EC-930B-9C83F10D3A2C}" = protocol=6 | dir=out | app=system |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6136DE08-EDB4-48CD-A89F-021BD9883236}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{67B99007-FD23-4131-A4F7-81AFEB34A1E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6CFC8683-9252-4BAF-85BF-C5B569021AB1}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{6FEE3E61-4C94-40D8-A6C8-0CF8D05D616B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73DBFF2F-3A18-4B62-8C04-2423A09AD460}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{82C8A46D-C748-4088-A16A-4991E361CDE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83C05C27-23D2-4085-81F0-378F56E5B979}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{88F07AFF-019D-487F-9C84-AC2CDC813174}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{9017A44F-9F47-4002-90B8-061F8444B6EF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{959F5F95-D5C3-4A6A-8B3B-2D0F7902A61F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{96FC1202-357F-43A8-A02D-2B0744B47997}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9784731A-491C-4D78-BACA-35B0D61DF59B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9ED2B25F-08F1-468B-873D-CEB924E8EA8E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AAC7DFE8-1CFE-49A8-9B64-AD2E07D177B3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF5E3A94-D0FD-480A-B290-EC80A0A42366}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{B0512634-9A7E-4623-AE44-C6C80774C043}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B78D8C5E-7B8E-4B68-9753-78B7D4B4E1B9}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{BE3AE80E-7C1D-4221-A76B-9282DB276BB1}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{C09E5A2B-0103-4D84-A1BC-4364F756B066}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D245C68F-8362-4AF8-ABD5-79A6A5ADCA12}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D45FF0C5-6A12-4D5D-95C3-546327503D6C}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{D717EBE2-2C47-4D79-AD45-6D1F3F4E09FB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DCB9952A-4A8A-419D-B17D-CC2B45B0C768}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{E1A6CB38-1161-49CC-9930-E38FB1171BEA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E82958F3-5593-4501-A463-2226D36A690E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F782F663-FAB9-4528-A53B-4AF12A980CC4}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FFDF18E2-8708-4052-9304-3F764FA1B0EA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{119CFC4D-EB75-D47F-1209-032721858C32}" = ccc-utility64
"{14297226-E0A0-3781-8911-E9D529552663}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5783F2D7-A001-0405-0102-0060B0CE6BBA}" = AutoCAD 2012 - Czech
"{5783F2D7-A001-0405-1102-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - Czech
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUS_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUS_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUS_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUS_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUS_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A73F0084-A1CC-6E42-06DF-D088D583CC2A}" = AMD Media Foundation Decoders
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{E552C39C-C70E-464F-9733-8311331BDD90}" = Jazykový balíček modulu plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012
"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F809FFB5-6F9B-AFDE-6048-5D9E95A85505}" = AMD Drag and Drop Transcoding
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Jazykový balíček Autodesk Inventor Fusion 2012
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"AutoCAD 2012 - Czech" = AutoCAD 2012 - Czech
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"CCleaner" = CCleaner
"HoldemManager" = Holdem Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{13AE7598-928A-83E7-548B-44FA68242798}" = CCC Help English
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{211D9A2A-0ECA-7AC7-ABAA-03ED3242F33E}" = Catalyst Control Center
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Photo Manager 2009
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{40BF1520-BAB7-4B38-A2FB-C474A888FACA}" = The Bat! Professional v3.99.3
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0626.1
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4F896DE0-EF26-11D5-BBEC-00D0B740900A}" = Multimedia keyboard driver Ver1.07
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{5C4ED859-875F-4299-AA2C-E0E393BDCD21}" = ScanSoft PaperPort 11
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-195C
"{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1" = PokerStove version 1.24
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86F0D54A-8774-E4B9-F616-A2F34F518FCB}" = Winamax Poker
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B2FB44C8-6E0D-4FDF-9E85-B765F50CE5B1}" = TableNinja
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4525BC6-FBDC-469E-AC39-AA18F8E4C69A}" = TableNinja
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD2159B1-587B-4D2D-BBA7-E4DED642836B}" = InfoMapa 18
"{FECCC297-24D6-F2B0-2BEC-446AC0205EEB}" = Catalyst Control Center Graphics Previews Common
"ACDSee 2009 Photo Manager Build 85" = Čeština do ACDSee 2009 Photo Manager Build 85
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Betfair Poker JPC_is1" = Betfair Poker JPC 1.0.0
"Betfair Poker_is1" = Betfair Poker 1.0.0
"BitComet" = BitComet 1.23
"BSPlayerp" = BS.Player PRO
"Cyklotrasy 2.27" = Cyklotrasy 2.27
"DivX Codec" = Remove DivX Pro Codec
"GOM Player" = GOM Player
"HoldemManager" = Holdem Manager
"HoldemManager2" = Holdem Manager 2
"IETester" = IETester v0.4.11 (remove only)
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0626.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Maxthon3" = Maxthon 3
"Mozilla Firefox 10.0.1 (x86 cs)" = Mozilla Firefox 10.0.1 (x86 cs)
"Nokia Suite" = Nokia Suite
"Opera 11.61.1250" = Opera 11.61
"Orcs Must Die!_is1" = Orcs Must Die!
"PartyPoker" = PartyPoker
"Picasa 3" = Picasa 3
"PokerStars" = PokerStars
"PokerStars.fr" = PokerStars.fr
"PostgreSQL 8.4" = PostgreSQL 8.4
"PowerISO" = PowerISO
"SitNGoWizard" = SitNGo Wizard
"Titan Poker" = Titan Poker
"Totalcmd" = Total Commander (Remove or Repair)
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Universal Replayer" = Universal Replayer
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3.1.2013 17:38:21 | Computer Name = Tonda | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7004
Error - 4.1.2013 2:57:18 | Computer Name = Tonda | Source = Application Hang | ID = 1002
Description = Program NOTEPAD.EXE verze 6.1.7600.16385 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 23f8 Čas spuštění: 01cdea487bde2bc8 Čas ukončení: 3 Cesta k aplikaci: C:\Windows\system32\NOTEPAD.EXE
ID
hlášení: f74debb5-563b-11e2-8aef-902b345b6de5
Error - 4.1.2013 17:00:47 | Computer Name = Tonda | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe, verze: 0.0.0.0, časové razítko:
0x50338ad3 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu: 0x944 Čas spuštění
chybující aplikace: 0x01cdeabe913c4514 Cesta k chybující aplikaci: C:\Users\T-fon\AppData\Local\Temp\svchost.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: cf886cd2-56b1-11e2-a387-902b345b6de5
Error - 4.1.2013 17:02:22 | Computer Name = Tonda | Source = WinMgmt | ID = 10
Description =
Error - 4.1.2013 17:08:08 | Computer Name = Tonda | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\T-fon\Desktop\esetsmartinstaller_enu.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 4.1.2013 17:08:21 | Computer Name = Tonda | Source = Application Hang | ID = 1002
Description = Program NOTEPAD.EXE verze 6.1.7600.16385 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 6ec Čas spuštění: 01cdeabf578e2b27 Čas ukončení: 10 Cesta k aplikaci: C:\Windows\system32\NOTEPAD.EXE
ID
hlášení: d8ed2b93-56b2-11e2-a387-902b345b6de5
Error - 4.1.2013 17:08:24 | Computer Name = Tonda | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\T-fon\Desktop\esetsmartinstaller_enu.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 5.1.2013 4:02:52 | Computer Name = Tonda | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe, verze: 0.0.0.0, časové razítko:
0x50338ad3 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu: 0xf48 Čas spuštění
chybující aplikace: 0x01cdeb1b0e9d4412 Cesta k chybující aplikaci: C:\Users\T-fon\AppData\Local\Temp\svchost.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 4d7147b5-570e-11e2-8a82-902b345b6de5
Error - 5.1.2013 4:04:28 | Computer Name = Tonda | Source = WinMgmt | ID = 10
Description =
Error - 5.1.2013 8:05:13 | Computer Name = Tonda | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe, verze: 0.0.0.0, časové razítko:
0x50338ad3 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu: 0xf84 Čas spuštění
chybující aplikace: 0x01cdeb3cea2e6bff Cesta k chybující aplikaci: C:\Users\T-fon\AppData\Local\Temp\svchost.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 2879b119-5730-11e2-af5c-902b345b6de5
Error - 5.1.2013 8:06:49 | Computer Name = Tonda | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 2.1.2013 13:04:33 | Computer Name = Tonda | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.
Error - 3.1.2013 13:01:44 | Computer Name = Tonda | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater13.2.0 neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 3.1.2013 13:01:50 | Computer Name = Tonda | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.
Error - 4.1.2013 3:09:53 | Computer Name = Tonda | Source = Service Control Manager | ID = 7034
Description = Služba M4-Service byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 4.1.2013 17:00:44 | Computer Name = Tonda | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater13.2.0 neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 4.1.2013 17:00:50 | Computer Name = Tonda | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.
Error - 5.1.2013 4:02:48 | Computer Name = Tonda | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater13.2.0 neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 5.1.2013 4:02:55 | Computer Name = Tonda | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.
Error - 5.1.2013 8:05:10 | Computer Name = Tonda | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater13.2.0 neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 5.1.2013 8:05:14 | Computer Name = Tonda | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.
< End of report >
Re: Program svchost.exe přestal pracovat
OTL 1.část:
OTL logfile created on: 5.1.2013 13:09:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\T-fon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,96 Gb Total Physical Memory | 6,22 Gb Available Physical Memory | 78,16% Memory free
15,92 Gb Paging File | 13,88 Gb Available in Paging File | 87,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 32,23 Gb Free Space | 27,05% Space Free | Partition Type: NTFS
Drive F: | 146,48 Gb Total Space | 135,55 Gb Free Space | 92,54% Space Free | Partition Type: NTFS
Drive G: | 552,15 Gb Total Space | 94,13 Gb Free Space | 17,05% Space Free | Partition Type: NTFS
Computer Name: TONDA | User Name: T-fon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\T-fon\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\T-fon\AppData\Local\Mikogo4\Host\Service\M4-Capture.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Users\T-fon\AppData\Local\Mikogo4\Host\Service\M4-Service.exe ()
PRC - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe ()
PRC - C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Windows\mHotkey.exe (Chicony)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Windows\HKNTDLL.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (M4-Service) -- C:\Users\T-fon\AppData\Local\Mikogo4\Host\Service\M4-Service.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (Autodesk Content Service) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (postgresql-8.4) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8023x64) -- C:\Windows\SysNative\drivers\Rtnic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: firequery@binaryage.com:1.3
FF - prefs.js..extensions.enabledAddons: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:10.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\T-fon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\T-fon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.05 22:41:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.12.05 22:41:05 | 000,000,000 | ---D | M]
[2012.12.01 11:27:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\T-fon\AppData\Roaming\Mozilla\Extensions
[2012.12.28 17:41:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\T-fon\AppData\Roaming\Mozilla\Firefox\Profiles\w522vrt2.default\extensions
[2012.11.18 21:41:00 | 002,042,908 | ---- | M] () (No name found) -- C:\Users\T-fon\AppData\Roaming\Mozilla\Firefox\Profiles\w522vrt2.default\extensions\firebug@software.joehewitt.com.xpi
[2012.10.11 20:05:47 | 000,106,668 | ---- | M] () (No name found) -- C:\Users\T-fon\AppData\Roaming\Mozilla\Firefox\Profiles\w522vrt2.default\extensions\firequery@binaryage.com.xpi
[2012.12.08 15:35:50 | 000,146,598 | ---- | M] () (No name found) -- C:\Users\T-fon\AppData\Roaming\Mozilla\Firefox\Profiles\w522vrt2.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}.xpi
[2013.01.02 18:02:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.12.01 10:54:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.02.08 21:28:23 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2008.06.17 16:12:42 | 000,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll
[2008.06.11 22:45:28 | 000,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2012.02.08 19:26:04 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012.02.08 20:26:48 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.08 20:26:48 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.02.08 20:26:48 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.08 20:26:48 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.08 20:26:48 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013.01.01 17:07:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe] C:\ProgramData\Adobe\5113C0.vbe ()
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [CHotkey] C:\Windows\mHotkey.exe (Chicony)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\T-fon\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\T-fon\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38295D23-3CF4-4961-B197-DBCD88476AC2}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
OTL logfile created on: 5.1.2013 13:09:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\T-fon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,96 Gb Total Physical Memory | 6,22 Gb Available Physical Memory | 78,16% Memory free
15,92 Gb Paging File | 13,88 Gb Available in Paging File | 87,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 32,23 Gb Free Space | 27,05% Space Free | Partition Type: NTFS
Drive F: | 146,48 Gb Total Space | 135,55 Gb Free Space | 92,54% Space Free | Partition Type: NTFS
Drive G: | 552,15 Gb Total Space | 94,13 Gb Free Space | 17,05% Space Free | Partition Type: NTFS
Computer Name: TONDA | User Name: T-fon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\T-fon\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\T-fon\AppData\Local\Mikogo4\Host\Service\M4-Capture.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Users\T-fon\AppData\Local\Mikogo4\Host\Service\M4-Service.exe ()
PRC - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe ()
PRC - C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Windows\mHotkey.exe (Chicony)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Windows\HKNTDLL.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (M4-Service) -- C:\Users\T-fon\AppData\Local\Mikogo4\Host\Service\M4-Service.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (Autodesk Content Service) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (postgresql-8.4) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8023x64) -- C:\Windows\SysNative\drivers\Rtnic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: firequery@binaryage.com:1.3
FF - prefs.js..extensions.enabledAddons: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:10.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\T-fon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\T-fon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.05 22:41:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.12.05 22:41:05 | 000,000,000 | ---D | M]
[2012.12.01 11:27:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\T-fon\AppData\Roaming\Mozilla\Extensions
[2012.12.28 17:41:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\T-fon\AppData\Roaming\Mozilla\Firefox\Profiles\w522vrt2.default\extensions
[2012.11.18 21:41:00 | 002,042,908 | ---- | M] () (No name found) -- C:\Users\T-fon\AppData\Roaming\Mozilla\Firefox\Profiles\w522vrt2.default\extensions\firebug@software.joehewitt.com.xpi
[2012.10.11 20:05:47 | 000,106,668 | ---- | M] () (No name found) -- C:\Users\T-fon\AppData\Roaming\Mozilla\Firefox\Profiles\w522vrt2.default\extensions\firequery@binaryage.com.xpi
[2012.12.08 15:35:50 | 000,146,598 | ---- | M] () (No name found) -- C:\Users\T-fon\AppData\Roaming\Mozilla\Firefox\Profiles\w522vrt2.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}.xpi
[2013.01.02 18:02:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.12.01 10:54:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.02.08 21:28:23 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2008.06.17 16:12:42 | 000,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll
[2008.06.11 22:45:28 | 000,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2012.12.05 22:41:05 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2012.02.08 19:26:04 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012.02.08 20:26:48 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.08 20:26:48 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.02.08 20:26:48 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.08 20:26:48 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.08 20:26:48 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\
CHR - Extension: No name found = C:\Users\T-fon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013.01.01 17:07:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe] C:\ProgramData\Adobe\5113C0.vbe ()
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [CHotkey] C:\Windows\mHotkey.exe (Chicony)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\T-fon\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\T-fon\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38295D23-3CF4-4961-B197-DBCD88476AC2}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
Re: Program svchost.exe přestal pracovat
OTL 2.část:
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.05 13:08:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\T-fon\Desktop\OTL.exe
[2013.01.04 22:08:08 | 002,322,184 | ---- | C] (ESET) -- C:\Users\T-fon\Desktop\esetsmartinstaller_enu.exe
[2013.01.04 08:09:51 | 000,000,000 | ---D | C] -- C:\Users\T-fon\Desktop\RK_Quarantine
[2013.01.03 18:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.01.02 22:36:00 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\Apple
[2013.01.01 22:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013.01.01 22:54:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013.01.01 17:15:34 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.01.01 17:15:34 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.01.01 17:15:34 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.01.01 17:15:34 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.01.01 17:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.01.01 17:11:42 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.01 17:07:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.01.01 10:59:10 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.12.31 13:00:13 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\cache
[2012.12.31 13:00:05 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\Autodesk
[2012.12.28 22:24:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.28 22:24:46 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.28 17:44:23 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Roaming\Malwarebytes
[2012.12.28 17:44:03 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.28 17:44:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.12.28 17:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.28 17:43:54 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\Programs
[2012.12.28 16:04:22 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\ATI
[2012.12.28 16:04:20 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\Adobe
[2012.12.28 11:22:09 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\T-fon\Desktop\HijackThis.exe
[2012.12.28 10:03:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.12.25 17:36:05 | 000,000,000 | ---D | C] -- C:\Users\T-fon\Documents\Orcs Must Die
[2012.12.25 16:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Robot Entertainment
[2012.12.24 17:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serpengo
[2012.12.24 17:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ReflexiveArcade
[2012.12.24 16:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2012.12.24 15:49:35 | 000,000,000 | ---D | C] -- C:\Users\T-fon\Documents\Giana Sisters - Twisted Dreams
[2012.12.24 15:48:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.12.23 23:05:52 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.23 23:05:52 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.23 23:05:52 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.23 23:05:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.23 12:42:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamax Poker
[2012.12.23 10:56:44 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2012.12.23 10:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2012.12.23 10:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012.12.23 10:53:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VD
[2012.12.23 10:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDub
[2012.12.22 16:57:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pinnacle
[2012.12.22 16:55:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Projects
[2012.12.22 16:55:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pegasus Imaging
[2012.12.22 16:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Yahoo!
[2012.12.22 16:55:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2012.12.22 16:53:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2012.12.22 11:20:08 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012.12.22 11:20:08 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012.12.22 11:20:08 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012.12.22 11:20:07 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012.12.22 11:20:07 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012.12.22 11:20:07 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012.12.22 11:20:06 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012.12.22 11:20:06 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012.12.22 11:20:05 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012.12.22 11:20:05 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012.12.22 11:20:05 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012.12.22 11:20:05 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.12.22 11:20:05 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012.12.22 11:20:05 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012.12.22 11:20:05 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012.12.22 11:20:05 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012.12.22 11:20:05 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012.12.22 11:20:05 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012.12.22 11:20:05 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012.12.22 11:20:05 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012.12.22 11:20:04 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012.12.22 11:20:04 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012.12.22 11:20:03 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012.12.22 11:20:03 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012.12.22 11:20:03 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012.12.22 11:20:03 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012.12.22 11:20:03 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.12.22 11:20:03 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012.12.22 11:20:03 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.12.22 11:20:03 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012.12.22 11:20:03 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.12.22 11:20:03 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.12.22 11:20:03 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.12.22 11:20:03 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.12.22 11:20:02 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012.12.22 11:20:02 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012.12.22 11:20:02 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012.12.22 11:20:02 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012.12.22 11:20:02 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012.12.22 11:20:02 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012.12.22 11:20:02 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012.12.22 11:20:02 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012.12.22 11:20:02 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012.12.22 11:20:02 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012.12.22 11:20:02 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012.12.22 11:20:02 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012.12.22 11:20:02 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.12.22 11:20:02 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.12.22 11:20:01 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012.12.22 11:20:01 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012.12.22 11:20:01 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012.12.22 11:20:01 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012.12.22 11:20:01 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012.12.22 11:20:01 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012.12.22 11:20:01 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012.12.22 11:20:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012.12.22 11:20:01 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012.12.22 11:20:01 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012.12.22 11:20:01 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012.12.22 11:20:01 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012.12.22 11:20:01 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012.12.22 11:20:01 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012.12.22 11:20:00 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012.12.22 11:20:00 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012.12.22 11:20:00 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012.12.22 11:20:00 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012.12.22 11:20:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012.12.22 11:20:00 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012.12.22 11:20:00 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012.12.22 11:20:00 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012.12.22 11:20:00 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012.12.22 11:20:00 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012.12.22 10:58:24 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Roaming\Origin
[2012.12.22 10:57:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012.12.21 20:47:09 | 000,411,480 | ---- | C] (TechSmith Corporation) -- C:\Windows\SysWow64\tsccvid.dll
[2012.12.21 20:47:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2012.12.21 20:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2012.12.21 20:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2012.12.21 18:43:47 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\My Games
[2012.12.21 18:42:14 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\PunkBuster
[2012.12.21 18:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2012.12.20 22:14:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tor Browser
[2012.12.19 22:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.19 22:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.19 22:37:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.12.19 22:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.19 22:37:06 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.12.19 18:30:30 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012.12.19 18:30:30 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2012.12.19 18:30:30 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012.12.19 18:30:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2012.12.19 18:30:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012.12.19 18:30:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012.12.19 18:30:29 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012.12.19 18:30:29 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012.12.19 18:30:29 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.12.19 18:30:29 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012.12.19 18:30:29 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012.12.19 18:30:29 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2012.12.19 18:30:29 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012.12.19 18:30:29 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012.12.19 18:30:29 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012.12.19 18:30:29 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2012.12.19 18:30:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2012.12.19 18:30:29 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2012.12.19 18:30:29 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2012.12.19 18:30:29 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2012.12.19 18:30:29 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012.12.19 18:30:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012.12.19 18:30:29 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012.12.19 18:30:29 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2012.12.19 18:30:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2012.12.19 18:29:42 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.12.19 18:29:42 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.12.19 18:29:40 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.12.19 18:29:40 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.12.18 14:25:59 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\SKIDROW
[2012.12.18 13:30:10 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012.12.18 13:25:16 | 000,000,000 | ---D | C] -- C:\Temp
[2012.12.15 13:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.12.15 13:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.12.15 10:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Giana Sisters - Twisted Dreams
[2012.12.15 10:17:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Black Forest Games
[2012.12.15 10:17:11 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012.12.15 10:17:11 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012.12.15 10:17:11 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012.12.15 10:17:11 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012.12.15 10:17:11 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012.12.15 10:17:11 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012.12.15 10:17:11 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012.12.15 10:17:11 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012.12.15 09:56:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.12.12 11:39:43 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.12.12 11:39:43 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.12.12 11:39:42 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.12.12 11:39:42 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.12.12 11:39:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.12.12 11:39:42 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.12.12 11:39:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.12.12 11:39:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.12.12 11:39:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.12.12 11:39:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.12.12 11:39:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.12.12 11:39:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.12.12 11:39:41 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.12.12 11:39:41 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.12.12 11:39:41 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.12.12 07:50:49 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.12.12 07:50:49 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.12.12 07:50:49 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.12.12 07:50:49 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.12.12 07:50:49 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.12.12 07:50:49 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.12.12 07:50:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.12.12 07:50:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.12.12 07:50:49 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.12.12 07:50:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.12.12 07:50:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.12.12 07:50:49 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.12.12 07:50:49 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.12.12 07:50:49 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.12.12 07:50:49 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.12.12 07:50:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.12.12 07:50:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.12.12 07:50:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.12.12 07:50:45 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012.12.12 07:50:45 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012.12.10 19:55:01 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.12.09 22:53:14 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Roaming\Call of Duty Black Ops 2
[2012.12.08 20:05:39 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\Ubisoft Game Launcher
[2012.12.08 19:30:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2012.12.08 19:30:24 | 000,026,112 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2012.12.08 19:30:24 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.12.08 19:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012.12.08 19:30:15 | 000,057,856 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll
[2012.12.08 19:24:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012.12.08 19:24:03 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012.12.08 19:24:03 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012.12.08 19:24:03 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012.12.08 19:24:03 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012.12.08 19:24:03 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012.12.08 19:24:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012.12.08 19:24:02 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012.12.08 19:24:02 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012.12.08 19:24:02 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012.12.08 19:24:02 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012.12.08 19:24:02 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012.12.08 19:24:02 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012.12.08 19:24:02 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012.12.08 19:24:02 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012.12.08 19:24:02 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012.12.08 19:24:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012.12.08 19:24:02 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012.12.08 19:24:02 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012.12.08 19:24:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012.12.08 19:24:02 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012.12.08 19:24:02 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012.12.08 19:24:02 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012.12.08 19:24:01 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012.12.08 19:24:01 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012.12.08 19:24:01 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012.12.08 19:24:01 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012.12.08 19:24:01 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012.12.08 19:24:01 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012.12.08 19:24:01 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012.12.08 19:24:01 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012.12.08 19:24:01 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012.12.08 19:24:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012.12.08 19:24:01 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012.12.08 19:24:01 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012.12.08 19:24:01 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012.12.08 19:24:01 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012.12.08 19:24:01 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012.12.08 19:24:01 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012.12.08 19:24:00 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012.12.08 19:24:00 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012.12.08 19:24:00 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012.12.08 19:24:00 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012.12.08 19:24:00 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012.12.08 19:24:00 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012.12.08 19:24:00 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012.12.08 19:24:00 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012.12.08 19:24:00 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012.12.08 19:24:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012.12.08 19:24:00 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012.12.08 19:24:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012.12.08 19:24:00 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012.12.08 19:24:00 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012.12.08 19:23:59 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012.12.08 19:23:59 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012.12.08 19:23:59 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012.12.08 19:23:59 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.12.08 19:23:59 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012.12.08 19:23:59 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012.12.08 19:23:59 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012.12.08 19:23:59 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012.12.08 19:23:59 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012.12.08 19:23:59 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012.12.08 19:23:59 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012.12.08 19:23:59 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012.12.08 19:23:59 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012.12.08 19:23:59 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012.12.08 19:23:58 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012.12.08 19:23:58 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012.12.08 19:23:58 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012.12.08 19:23:58 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012.12.08 19:23:58 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012.12.08 19:23:58 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012.12.08 19:23:58 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012.12.08 19:23:58 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012.12.08 19:23:58 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012.12.08 19:23:58 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012.12.08 19:23:56 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012.12.08 19:23:56 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012.12.08 19:23:56 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012.12.08 19:23:56 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012.12.08 19:23:56 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012.12.08 19:23:56 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012.12.08 19:23:56 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012.12.08 19:23:56 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012.12.08 19:23:56 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012.12.08 19:23:56 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012.12.08 19:23:55 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012.12.08 19:23:55 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012.12.08 19:23:55 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012.12.08 19:23:55 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012.12.08 19:23:55 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012.12.08 19:23:55 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012.12.08 15:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012.12.08 15:39:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2012.12.08 15:39:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012.12.08 15:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Translator
[2012.12.08 15:33:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\T-fon
[2012.12.08 15:19:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2012.12.08 15:16:36 | 000,000,000 | ---D | C] -- C:\Program Files\TurAtlas
[2012.12.08 15:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PJsoft
[2012.12.08 15:15:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012.12.08 15:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyklotrasy
[2012.12.08 15:11:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Core Services
[2012.12.08 13:43:29 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys
========== Files - Modified Within 30 Days ==========
[2013.01.05 13:09:18 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.05 13:09:18 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.01.05 13:09:18 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.05 13:09:18 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.01.05 13:09:18 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.05 13:07:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\T-fon\Desktop\OTL.exe
[2013.01.05 13:05:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.05 13:04:55 | 2114,605,055 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.05 09:05:02 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.05 09:05:02 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.04 23:33:26 | 000,001,480 | ---- | M] () -- C:\Users\T-fon\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2013.01.04 22:08:00 | 002,322,184 | ---- | M] (ESET) -- C:\Users\T-fon\Desktop\esetsmartinstaller_enu.exe
[2013.01.04 08:05:00 | 000,761,856 | ---- | M] () -- C:\Users\T-fon\Desktop\RogueKiller.exe
[2013.01.04 01:18:18 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2013.01.03 21:51:04 | 000,000,155 | ---- | M] () -- C:\Windows\winamp.ini
[2013.01.03 18:06:51 | 150,735,648 | ---- | M] () -- C:\Users\T-fon\Desktop\setup_11.0.0.1245.x01_2013_01_03_19_14.exe
[2013.01.03 18:03:42 | 000,000,035 | ---- | M] () -- C:\Users\T-fon\Desktop\find.bat
[2013.01.03 18:03:28 | 000,000,035 | ---- | M] () -- C:\Users\T-fon\Documents\find.bat
[2013.01.01 22:54:37 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.01.01 22:35:18 | 000,000,434 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2013.01.01 17:15:33 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.01.01 17:15:33 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.01.01 17:15:33 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.01.01 17:15:33 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.01.01 17:07:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.12.31 13:24:39 | 000,001,975 | ---- | M] () -- C:\Users\T-fon\Desktop\Universal Replayer.lnk
[2012.12.31 11:54:29 | 000,002,183 | ---- | M] () -- C:\Users\T-fon\URPreferences.xml
[2012.12.29 16:12:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.12.28 17:44:04 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.28 16:05:01 | 000,550,017 | ---- | M] () -- C:\Users\T-fon\Desktop\adwcleaner.exe
[2012.12.28 15:53:43 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2012.12.28 15:53:43 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2012.12.28 15:53:27 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.12.28 11:22:10 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\T-fon\Desktop\HijackThis.exe
[2012.12.28 10:06:18 | 000,084,018 | ---- | M] () -- C:\Users\T-fon\Documents\cc_20121228_100611.reg
[2012.12.28 10:03:09 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.26 18:32:46 | 000,000,132 | ---- | M] () -- C:\Users\T-fon\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.12.25 16:35:50 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\Orcs Must Die!.lnk
[2012.12.24 16:26:45 | 000,001,111 | ---- | M] () -- C:\Users\T-fon\Desktop\Plants Vs Zombies.lnk
[2012.12.24 13:56:13 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.12.24 09:05:13 | 005,126,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.23 22:51:21 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys
[2012.12.23 12:42:20 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Winamax Poker.lnk
[2012.12.23 11:18:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.12.23 10:48:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012.12.22 21:58:33 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012.12.22 17:55:56 | 000,000,132 | ---- | M] () -- C:\Users\T-fon\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2012.12.22 17:18:59 | 000,001,319 | ---- | M] () -- C:\Users\T-fon\Desktop\Adobe After Effects CS4.lnk
[2012.12.22 16:55:59 | 000,000,886 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle Studio 15.lnk
[2012.12.22 15:10:13 | 000,061,952 | ---- | M] () -- C:\Users\T-fon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.21 20:47:02 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2012.12.21 18:42:20 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.12.20 22:14:52 | 000,001,077 | ---- | M] () -- C:\Users\T-fon\Desktop\Tor Browser.lnk
[2012.12.18 14:42:19 | 000,002,566 | ---- | M] () -- C:\Users\T-fon\Desktop\SnG Wizard.lnk
[2012.12.16 18:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.16 15:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.12 20:02:25 | 000,002,480 | ---- | M] () -- C:\Users\T-fon\Desktop\Google Chrome.lnk
[2012.12.12 15:07:51 | 000,003,029 | ---- | M] () -- C:\Users\T-fon\Desktop\TableNinja.lnk
[2012.12.12 09:23:01 | 000,001,572 | ---- | M] () -- C:\Users\T-fon\Desktop\EasyPHP-5.3.8.1.lnk
[2012.12.08 19:30:36 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.12.08 15:34:50 | 000,002,686 | ---- | M] () -- C:\Windows\TRNCOM.INI
[2012.12.08 15:17:03 | 000,000,770 | ---- | M] () -- C:\Users\T-fon\Desktop\TurAtlasCR.lnk
[2012.12.08 15:16:39 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\InfoMapa 18.lnk
[2012.12.08 15:13:53 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Cyklotrasy.lnk
[2012.12.08 15:11:49 | 000,001,173 | ---- | M] () -- C:\Users\T-fon\Desktop\IETester.lnk
========== Files Created - No Company Name ==========
[2013.01.04 08:09:29 | 000,761,856 | ---- | C] () -- C:\Users\T-fon\Desktop\RogueKiller.exe
[2013.01.03 18:07:05 | 150,735,648 | ---- | C] () -- C:\Users\T-fon\Desktop\setup_11.0.0.1245.x01_2013_01_03_19_14.exe
[2013.01.03 18:03:42 | 000,000,035 | ---- | C] () -- C:\Users\T-fon\Desktop\find.bat
[2013.01.03 18:03:28 | 000,000,035 | ---- | C] () -- C:\Users\T-fon\Documents\find.bat
[2013.01.01 22:54:37 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013.01.01 22:54:30 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.12.30 14:19:11 | 000,001,480 | ---- | C] () -- C:\Users\T-fon\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2012.12.28 17:44:04 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.28 17:40:10 | 000,550,017 | ---- | C] () -- C:\Users\T-fon\Desktop\adwcleaner.exe
[2012.12.28 10:06:14 | 000,084,018 | ---- | C] () -- C:\Users\T-fon\Documents\cc_20121228_100611.reg
[2012.12.28 10:03:09 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.27 11:50:46 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref
[2012.12.25 16:35:50 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\Orcs Must Die!.lnk
[2012.12.24 16:26:45 | 000,001,111 | ---- | C] () -- C:\Users\T-fon\Desktop\Plants Vs Zombies.lnk
[2012.12.23 11:18:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.12.23 10:48:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012.12.22 17:55:56 | 000,000,132 | ---- | C] () -- C:\Users\T-fon\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2012.12.22 17:18:59 | 000,001,319 | ---- | C] () -- C:\Users\T-fon\Desktop\Adobe After Effects CS4.lnk
[2012.12.22 16:55:59 | 000,000,886 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle Studio 15.lnk
[2012.12.22 16:54:16 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012.12.21 20:47:02 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2012.12.21 18:42:20 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.12.12 09:23:01 | 000,001,572 | ---- | C] () -- C:\Users\T-fon\Desktop\EasyPHP-5.3.8.1.lnk
[2012.12.08 19:30:35 | 000,002,089 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.12.08 19:24:17 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.12.08 15:34:50 | 000,002,686 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2012.12.08 15:23:14 | 000,002,566 | ---- | C] () -- C:\Users\T-fon\Desktop\SnG Wizard.lnk
[2012.12.08 15:16:39 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\InfoMapa 18.lnk
[2012.12.08 15:13:53 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Cyklotrasy.lnk
[2012.12.05 23:08:30 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2012.12.01 14:43:04 | 001,554,160 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.01 14:33:19 | 000,024,576 | ---- | C] () -- C:\Windows\HKNTDLL.dll
[2012.12.01 14:33:19 | 000,000,491 | ---- | C] () -- C:\Windows\Instit.ini
[2012.12.01 14:30:10 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini
[2012.12.01 12:40:58 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012.12.01 11:29:43 | 000,002,183 | ---- | C] () -- C:\Users\T-fon\URPreferences.xml
[2012.12.01 11:28:15 | 000,057,839 | ---- | C] () -- C:\Users\T-fon\AppData\Roaming\IDK
[2012.12.01 11:28:15 | 000,000,132 | ---- | C] () -- C:\Users\T-fon\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.12.01 11:28:15 | 000,000,132 | ---- | C] () -- C:\Users\T-fon\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
[2012.12.01 10:56:33 | 000,000,045 | ---- | C] () -- C:\Users\T-fon\AppData\Local\machpro.dat
[2012.12.01 10:56:32 | 000,061,952 | ---- | C] () -- C:\Users\T-fon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.01 10:47:51 | 000,000,155 | ---- | C] () -- C:\Windows\winamp.ini
[2012.12.01 10:29:32 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.12.01 10:22:55 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.12.01 10:16:35 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.12.01 10:12:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.12.01 10:56:39 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\ACD Systems
[2012.12.01 10:56:47 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Autodesk
[2013.01.04 07:49:51 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\BitComet
[2012.12.01 14:15:25 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\BSplayer PRO
[2012.12.09 22:53:14 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Call of Duty Black Ops 2
[2012.12.01 10:57:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.12.01 10:57:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Doublefine
[2012.12.01 10:57:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\GHISLER
[2012.12.01 10:57:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\GlarySoft
[2012.12.01 10:57:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\HEM Data
[2013.01.03 20:29:20 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\HoldemManager
[2013.01.03 21:51:21 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\ICQ
[2012.12.08 15:34:48 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\LangSoft
[2012.12.01 10:58:15 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Maxthon3
[2012.12.01 11:27:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Mikogo 4
[2012.12.01 11:27:12 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\MySQL
[2012.12.01 11:27:13 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Nokia
[2012.12.01 11:27:13 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Nokia Suite
[2012.12.01 10:55:49 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Opera
[2012.12.22 10:58:24 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Origin
[2012.12.01 11:27:13 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Party
[2012.12.01 11:27:14 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\PC Suite
[2013.01.05 13:08:05 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\The Bat!
[2012.12.01 11:28:10 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\TuneUp Software
[2012.12.01 11:28:10 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\TuneUpMedia
[2012.12.01 11:28:10 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Vessel
[2012.12.01 11:28:10 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
========== Purity Check ==========
< End of report >
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.05 13:08:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\T-fon\Desktop\OTL.exe
[2013.01.04 22:08:08 | 002,322,184 | ---- | C] (ESET) -- C:\Users\T-fon\Desktop\esetsmartinstaller_enu.exe
[2013.01.04 08:09:51 | 000,000,000 | ---D | C] -- C:\Users\T-fon\Desktop\RK_Quarantine
[2013.01.03 18:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.01.02 22:36:00 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\Apple
[2013.01.01 22:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013.01.01 22:54:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013.01.01 17:15:34 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.01.01 17:15:34 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.01.01 17:15:34 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.01.01 17:15:34 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.01.01 17:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.01.01 17:11:42 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.01 17:07:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.01.01 10:59:10 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.12.31 13:00:13 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\cache
[2012.12.31 13:00:05 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\Autodesk
[2012.12.28 22:24:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.28 22:24:46 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.28 17:44:23 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Roaming\Malwarebytes
[2012.12.28 17:44:03 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.28 17:44:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.12.28 17:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.28 17:43:54 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\Programs
[2012.12.28 16:04:22 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\ATI
[2012.12.28 16:04:20 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\Adobe
[2012.12.28 11:22:09 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\T-fon\Desktop\HijackThis.exe
[2012.12.28 10:03:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.12.25 17:36:05 | 000,000,000 | ---D | C] -- C:\Users\T-fon\Documents\Orcs Must Die
[2012.12.25 16:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Robot Entertainment
[2012.12.24 17:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serpengo
[2012.12.24 17:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ReflexiveArcade
[2012.12.24 16:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2012.12.24 15:49:35 | 000,000,000 | ---D | C] -- C:\Users\T-fon\Documents\Giana Sisters - Twisted Dreams
[2012.12.24 15:48:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.12.23 23:05:52 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.23 23:05:52 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.23 23:05:52 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.23 23:05:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.23 12:42:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamax Poker
[2012.12.23 10:56:44 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2012.12.23 10:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2012.12.23 10:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012.12.23 10:53:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VD
[2012.12.23 10:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDub
[2012.12.22 16:57:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pinnacle
[2012.12.22 16:55:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Projects
[2012.12.22 16:55:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pegasus Imaging
[2012.12.22 16:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Yahoo!
[2012.12.22 16:55:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2012.12.22 16:53:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2012.12.22 11:20:08 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012.12.22 11:20:08 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012.12.22 11:20:08 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012.12.22 11:20:07 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012.12.22 11:20:07 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012.12.22 11:20:07 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012.12.22 11:20:06 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012.12.22 11:20:06 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012.12.22 11:20:05 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012.12.22 11:20:05 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012.12.22 11:20:05 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012.12.22 11:20:05 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.12.22 11:20:05 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012.12.22 11:20:05 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012.12.22 11:20:05 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012.12.22 11:20:05 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012.12.22 11:20:05 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012.12.22 11:20:05 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012.12.22 11:20:05 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012.12.22 11:20:05 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012.12.22 11:20:04 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012.12.22 11:20:04 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012.12.22 11:20:03 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012.12.22 11:20:03 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012.12.22 11:20:03 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012.12.22 11:20:03 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012.12.22 11:20:03 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.12.22 11:20:03 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012.12.22 11:20:03 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.12.22 11:20:03 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012.12.22 11:20:03 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.12.22 11:20:03 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.12.22 11:20:03 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.12.22 11:20:03 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.12.22 11:20:02 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012.12.22 11:20:02 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012.12.22 11:20:02 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012.12.22 11:20:02 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012.12.22 11:20:02 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012.12.22 11:20:02 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012.12.22 11:20:02 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012.12.22 11:20:02 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012.12.22 11:20:02 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012.12.22 11:20:02 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012.12.22 11:20:02 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012.12.22 11:20:02 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012.12.22 11:20:02 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.12.22 11:20:02 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.12.22 11:20:01 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012.12.22 11:20:01 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012.12.22 11:20:01 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012.12.22 11:20:01 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012.12.22 11:20:01 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012.12.22 11:20:01 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012.12.22 11:20:01 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012.12.22 11:20:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012.12.22 11:20:01 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012.12.22 11:20:01 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012.12.22 11:20:01 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012.12.22 11:20:01 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012.12.22 11:20:01 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012.12.22 11:20:01 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012.12.22 11:20:00 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012.12.22 11:20:00 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012.12.22 11:20:00 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012.12.22 11:20:00 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012.12.22 11:20:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012.12.22 11:20:00 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012.12.22 11:20:00 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012.12.22 11:20:00 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012.12.22 11:20:00 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012.12.22 11:20:00 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012.12.22 10:58:24 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Roaming\Origin
[2012.12.22 10:57:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012.12.21 20:47:09 | 000,411,480 | ---- | C] (TechSmith Corporation) -- C:\Windows\SysWow64\tsccvid.dll
[2012.12.21 20:47:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2012.12.21 20:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2012.12.21 20:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2012.12.21 18:43:47 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\My Games
[2012.12.21 18:42:14 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\PunkBuster
[2012.12.21 18:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2012.12.20 22:14:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tor Browser
[2012.12.19 22:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.19 22:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.19 22:37:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.12.19 22:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.19 22:37:06 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.12.19 18:30:30 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012.12.19 18:30:30 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2012.12.19 18:30:30 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012.12.19 18:30:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2012.12.19 18:30:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012.12.19 18:30:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012.12.19 18:30:29 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012.12.19 18:30:29 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012.12.19 18:30:29 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.12.19 18:30:29 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012.12.19 18:30:29 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012.12.19 18:30:29 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2012.12.19 18:30:29 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012.12.19 18:30:29 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012.12.19 18:30:29 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012.12.19 18:30:29 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2012.12.19 18:30:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2012.12.19 18:30:29 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2012.12.19 18:30:29 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2012.12.19 18:30:29 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2012.12.19 18:30:29 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012.12.19 18:30:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012.12.19 18:30:29 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012.12.19 18:30:29 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2012.12.19 18:30:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2012.12.19 18:29:42 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.12.19 18:29:42 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.12.19 18:29:40 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.12.19 18:29:40 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.12.18 14:25:59 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\SKIDROW
[2012.12.18 13:30:10 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012.12.18 13:25:16 | 000,000,000 | ---D | C] -- C:\Temp
[2012.12.15 13:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.12.15 13:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.12.15 10:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Giana Sisters - Twisted Dreams
[2012.12.15 10:17:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Black Forest Games
[2012.12.15 10:17:11 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012.12.15 10:17:11 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012.12.15 10:17:11 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012.12.15 10:17:11 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012.12.15 10:17:11 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012.12.15 10:17:11 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012.12.15 10:17:11 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012.12.15 10:17:11 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012.12.15 09:56:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.12.12 11:39:43 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.12.12 11:39:43 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.12.12 11:39:42 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.12.12 11:39:42 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.12.12 11:39:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.12.12 11:39:42 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.12.12 11:39:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.12.12 11:39:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.12.12 11:39:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.12.12 11:39:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.12.12 11:39:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.12.12 11:39:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.12.12 11:39:41 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.12.12 11:39:41 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.12.12 11:39:41 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.12.12 07:50:49 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.12.12 07:50:49 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.12.12 07:50:49 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.12.12 07:50:49 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.12.12 07:50:49 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.12.12 07:50:49 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.12.12 07:50:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.12.12 07:50:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.12.12 07:50:49 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.12.12 07:50:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.12.12 07:50:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.12.12 07:50:49 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.12.12 07:50:49 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.12.12 07:50:49 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.12.12 07:50:49 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.12.12 07:50:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.12.12 07:50:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.12.12 07:50:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.12.12 07:50:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.12.12 07:50:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.12.12 07:50:45 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012.12.12 07:50:45 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012.12.10 19:55:01 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.12.09 22:53:14 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Roaming\Call of Duty Black Ops 2
[2012.12.08 20:05:39 | 000,000,000 | ---D | C] -- C:\Users\T-fon\AppData\Local\Ubisoft Game Launcher
[2012.12.08 19:30:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2012.12.08 19:30:24 | 000,026,112 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2012.12.08 19:30:24 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.12.08 19:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012.12.08 19:30:15 | 000,057,856 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll
[2012.12.08 19:24:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012.12.08 19:24:03 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012.12.08 19:24:03 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012.12.08 19:24:03 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012.12.08 19:24:03 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012.12.08 19:24:03 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012.12.08 19:24:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012.12.08 19:24:02 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012.12.08 19:24:02 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012.12.08 19:24:02 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012.12.08 19:24:02 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012.12.08 19:24:02 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012.12.08 19:24:02 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012.12.08 19:24:02 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012.12.08 19:24:02 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012.12.08 19:24:02 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012.12.08 19:24:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012.12.08 19:24:02 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012.12.08 19:24:02 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012.12.08 19:24:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012.12.08 19:24:02 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012.12.08 19:24:02 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012.12.08 19:24:02 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012.12.08 19:24:01 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012.12.08 19:24:01 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012.12.08 19:24:01 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012.12.08 19:24:01 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012.12.08 19:24:01 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012.12.08 19:24:01 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012.12.08 19:24:01 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012.12.08 19:24:01 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012.12.08 19:24:01 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012.12.08 19:24:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012.12.08 19:24:01 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012.12.08 19:24:01 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012.12.08 19:24:01 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012.12.08 19:24:01 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012.12.08 19:24:01 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012.12.08 19:24:01 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012.12.08 19:24:00 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012.12.08 19:24:00 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012.12.08 19:24:00 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012.12.08 19:24:00 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012.12.08 19:24:00 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012.12.08 19:24:00 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012.12.08 19:24:00 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012.12.08 19:24:00 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012.12.08 19:24:00 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012.12.08 19:24:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012.12.08 19:24:00 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012.12.08 19:24:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012.12.08 19:24:00 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012.12.08 19:24:00 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012.12.08 19:23:59 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012.12.08 19:23:59 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012.12.08 19:23:59 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012.12.08 19:23:59 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.12.08 19:23:59 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012.12.08 19:23:59 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012.12.08 19:23:59 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012.12.08 19:23:59 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012.12.08 19:23:59 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012.12.08 19:23:59 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012.12.08 19:23:59 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012.12.08 19:23:59 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012.12.08 19:23:59 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012.12.08 19:23:59 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012.12.08 19:23:58 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012.12.08 19:23:58 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012.12.08 19:23:58 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012.12.08 19:23:58 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012.12.08 19:23:58 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012.12.08 19:23:58 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012.12.08 19:23:58 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012.12.08 19:23:58 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012.12.08 19:23:58 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012.12.08 19:23:58 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012.12.08 19:23:56 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012.12.08 19:23:56 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012.12.08 19:23:56 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012.12.08 19:23:56 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012.12.08 19:23:56 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012.12.08 19:23:56 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012.12.08 19:23:56 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012.12.08 19:23:56 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012.12.08 19:23:56 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012.12.08 19:23:56 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012.12.08 19:23:55 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012.12.08 19:23:55 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012.12.08 19:23:55 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012.12.08 19:23:55 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012.12.08 19:23:55 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012.12.08 19:23:55 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012.12.08 15:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012.12.08 15:39:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2012.12.08 15:39:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012.12.08 15:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Translator
[2012.12.08 15:33:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\T-fon
[2012.12.08 15:19:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2012.12.08 15:16:36 | 000,000,000 | ---D | C] -- C:\Program Files\TurAtlas
[2012.12.08 15:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PJsoft
[2012.12.08 15:15:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012.12.08 15:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyklotrasy
[2012.12.08 15:11:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Core Services
[2012.12.08 13:43:29 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys
========== Files - Modified Within 30 Days ==========
[2013.01.05 13:09:18 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.05 13:09:18 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.01.05 13:09:18 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.05 13:09:18 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.01.05 13:09:18 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.05 13:07:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\T-fon\Desktop\OTL.exe
[2013.01.05 13:05:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.05 13:04:55 | 2114,605,055 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.05 09:05:02 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.05 09:05:02 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.04 23:33:26 | 000,001,480 | ---- | M] () -- C:\Users\T-fon\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2013.01.04 22:08:00 | 002,322,184 | ---- | M] (ESET) -- C:\Users\T-fon\Desktop\esetsmartinstaller_enu.exe
[2013.01.04 08:05:00 | 000,761,856 | ---- | M] () -- C:\Users\T-fon\Desktop\RogueKiller.exe
[2013.01.04 01:18:18 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2013.01.03 21:51:04 | 000,000,155 | ---- | M] () -- C:\Windows\winamp.ini
[2013.01.03 18:06:51 | 150,735,648 | ---- | M] () -- C:\Users\T-fon\Desktop\setup_11.0.0.1245.x01_2013_01_03_19_14.exe
[2013.01.03 18:03:42 | 000,000,035 | ---- | M] () -- C:\Users\T-fon\Desktop\find.bat
[2013.01.03 18:03:28 | 000,000,035 | ---- | M] () -- C:\Users\T-fon\Documents\find.bat
[2013.01.01 22:54:37 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.01.01 22:35:18 | 000,000,434 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2013.01.01 17:15:33 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.01.01 17:15:33 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.01.01 17:15:33 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.01.01 17:15:33 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.01.01 17:07:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.12.31 13:24:39 | 000,001,975 | ---- | M] () -- C:\Users\T-fon\Desktop\Universal Replayer.lnk
[2012.12.31 11:54:29 | 000,002,183 | ---- | M] () -- C:\Users\T-fon\URPreferences.xml
[2012.12.29 16:12:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.12.28 17:44:04 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.28 16:05:01 | 000,550,017 | ---- | M] () -- C:\Users\T-fon\Desktop\adwcleaner.exe
[2012.12.28 15:53:43 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2012.12.28 15:53:43 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2012.12.28 15:53:27 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.12.28 11:22:10 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\T-fon\Desktop\HijackThis.exe
[2012.12.28 10:06:18 | 000,084,018 | ---- | M] () -- C:\Users\T-fon\Documents\cc_20121228_100611.reg
[2012.12.28 10:03:09 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.26 18:32:46 | 000,000,132 | ---- | M] () -- C:\Users\T-fon\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.12.25 16:35:50 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\Orcs Must Die!.lnk
[2012.12.24 16:26:45 | 000,001,111 | ---- | M] () -- C:\Users\T-fon\Desktop\Plants Vs Zombies.lnk
[2012.12.24 13:56:13 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.12.24 09:05:13 | 005,126,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.23 22:51:21 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys
[2012.12.23 12:42:20 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Winamax Poker.lnk
[2012.12.23 11:18:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.12.23 10:48:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012.12.22 21:58:33 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012.12.22 17:55:56 | 000,000,132 | ---- | M] () -- C:\Users\T-fon\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2012.12.22 17:18:59 | 000,001,319 | ---- | M] () -- C:\Users\T-fon\Desktop\Adobe After Effects CS4.lnk
[2012.12.22 16:55:59 | 000,000,886 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle Studio 15.lnk
[2012.12.22 15:10:13 | 000,061,952 | ---- | M] () -- C:\Users\T-fon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.21 20:47:02 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2012.12.21 18:42:20 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.12.20 22:14:52 | 000,001,077 | ---- | M] () -- C:\Users\T-fon\Desktop\Tor Browser.lnk
[2012.12.18 14:42:19 | 000,002,566 | ---- | M] () -- C:\Users\T-fon\Desktop\SnG Wizard.lnk
[2012.12.16 18:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.16 15:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.12 20:02:25 | 000,002,480 | ---- | M] () -- C:\Users\T-fon\Desktop\Google Chrome.lnk
[2012.12.12 15:07:51 | 000,003,029 | ---- | M] () -- C:\Users\T-fon\Desktop\TableNinja.lnk
[2012.12.12 09:23:01 | 000,001,572 | ---- | M] () -- C:\Users\T-fon\Desktop\EasyPHP-5.3.8.1.lnk
[2012.12.08 19:30:36 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.12.08 15:34:50 | 000,002,686 | ---- | M] () -- C:\Windows\TRNCOM.INI
[2012.12.08 15:17:03 | 000,000,770 | ---- | M] () -- C:\Users\T-fon\Desktop\TurAtlasCR.lnk
[2012.12.08 15:16:39 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\InfoMapa 18.lnk
[2012.12.08 15:13:53 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Cyklotrasy.lnk
[2012.12.08 15:11:49 | 000,001,173 | ---- | M] () -- C:\Users\T-fon\Desktop\IETester.lnk
========== Files Created - No Company Name ==========
[2013.01.04 08:09:29 | 000,761,856 | ---- | C] () -- C:\Users\T-fon\Desktop\RogueKiller.exe
[2013.01.03 18:07:05 | 150,735,648 | ---- | C] () -- C:\Users\T-fon\Desktop\setup_11.0.0.1245.x01_2013_01_03_19_14.exe
[2013.01.03 18:03:42 | 000,000,035 | ---- | C] () -- C:\Users\T-fon\Desktop\find.bat
[2013.01.03 18:03:28 | 000,000,035 | ---- | C] () -- C:\Users\T-fon\Documents\find.bat
[2013.01.01 22:54:37 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013.01.01 22:54:30 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.12.30 14:19:11 | 000,001,480 | ---- | C] () -- C:\Users\T-fon\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2012.12.28 17:44:04 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.28 17:40:10 | 000,550,017 | ---- | C] () -- C:\Users\T-fon\Desktop\adwcleaner.exe
[2012.12.28 10:06:14 | 000,084,018 | ---- | C] () -- C:\Users\T-fon\Documents\cc_20121228_100611.reg
[2012.12.28 10:03:09 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.27 11:50:46 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref
[2012.12.25 16:35:50 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\Orcs Must Die!.lnk
[2012.12.24 16:26:45 | 000,001,111 | ---- | C] () -- C:\Users\T-fon\Desktop\Plants Vs Zombies.lnk
[2012.12.23 11:18:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.12.23 10:48:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012.12.22 17:55:56 | 000,000,132 | ---- | C] () -- C:\Users\T-fon\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2012.12.22 17:18:59 | 000,001,319 | ---- | C] () -- C:\Users\T-fon\Desktop\Adobe After Effects CS4.lnk
[2012.12.22 16:55:59 | 000,000,886 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle Studio 15.lnk
[2012.12.22 16:54:16 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012.12.21 20:47:02 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2012.12.21 18:42:20 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.12.12 09:23:01 | 000,001,572 | ---- | C] () -- C:\Users\T-fon\Desktop\EasyPHP-5.3.8.1.lnk
[2012.12.08 19:30:35 | 000,002,089 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.12.08 19:24:17 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.12.08 15:34:50 | 000,002,686 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2012.12.08 15:23:14 | 000,002,566 | ---- | C] () -- C:\Users\T-fon\Desktop\SnG Wizard.lnk
[2012.12.08 15:16:39 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\InfoMapa 18.lnk
[2012.12.08 15:13:53 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Cyklotrasy.lnk
[2012.12.05 23:08:30 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2012.12.01 14:43:04 | 001,554,160 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.01 14:33:19 | 000,024,576 | ---- | C] () -- C:\Windows\HKNTDLL.dll
[2012.12.01 14:33:19 | 000,000,491 | ---- | C] () -- C:\Windows\Instit.ini
[2012.12.01 14:30:10 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini
[2012.12.01 12:40:58 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012.12.01 11:29:43 | 000,002,183 | ---- | C] () -- C:\Users\T-fon\URPreferences.xml
[2012.12.01 11:28:15 | 000,057,839 | ---- | C] () -- C:\Users\T-fon\AppData\Roaming\IDK
[2012.12.01 11:28:15 | 000,000,132 | ---- | C] () -- C:\Users\T-fon\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.12.01 11:28:15 | 000,000,132 | ---- | C] () -- C:\Users\T-fon\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
[2012.12.01 10:56:33 | 000,000,045 | ---- | C] () -- C:\Users\T-fon\AppData\Local\machpro.dat
[2012.12.01 10:56:32 | 000,061,952 | ---- | C] () -- C:\Users\T-fon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.01 10:47:51 | 000,000,155 | ---- | C] () -- C:\Windows\winamp.ini
[2012.12.01 10:29:32 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.12.01 10:22:55 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.12.01 10:16:35 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.12.01 10:12:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.12.01 10:56:39 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\ACD Systems
[2012.12.01 10:56:47 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Autodesk
[2013.01.04 07:49:51 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\BitComet
[2012.12.01 14:15:25 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\BSplayer PRO
[2012.12.09 22:53:14 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Call of Duty Black Ops 2
[2012.12.01 10:57:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.12.01 10:57:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Doublefine
[2012.12.01 10:57:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\GHISLER
[2012.12.01 10:57:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\GlarySoft
[2012.12.01 10:57:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\HEM Data
[2013.01.03 20:29:20 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\HoldemManager
[2013.01.03 21:51:21 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\ICQ
[2012.12.08 15:34:48 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\LangSoft
[2012.12.01 10:58:15 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Maxthon3
[2012.12.01 11:27:02 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Mikogo 4
[2012.12.01 11:27:12 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\MySQL
[2012.12.01 11:27:13 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Nokia
[2012.12.01 11:27:13 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Nokia Suite
[2012.12.01 10:55:49 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Opera
[2012.12.22 10:58:24 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Origin
[2012.12.01 11:27:13 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Party
[2012.12.01 11:27:14 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\PC Suite
[2013.01.05 13:08:05 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\The Bat!
[2012.12.01 11:28:10 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\TuneUp Software
[2012.12.01 11:28:10 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\TuneUpMedia
[2012.12.01 11:28:10 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\Vessel
[2012.12.01 11:28:10 | 000,000,000 | ---D | M] -- C:\Users\T-fon\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
========== Purity Check ==========
< End of report >
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Program svchost.exe přestal pracovat +
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - prefs.js..extensions.enabledAddons: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:10.0.1
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\T-fon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\T-fon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found
[2012.12.01 11:27:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\T-fon\AppData\Roaming\Mozilla\Extensions
O1 HOSTS File: ([2013.01.01 17:07:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O4 - HKLM..\Run: [] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013.01.05 13:09:18 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.01.05 13:09:18 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.05 13:09:18 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.01.05 13:09:18 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Qoobox
C:\Users\T-fon\Desktop\esetsmartinstaller_enu.exe
C:\Users\T-fon\Desktop\RogueKiller.exe
C:\Users\T-fon\Desktop\find.bat
C:\Users\T-fon\Documents\find.bat
C:\Windows\SysNative\drivers\etc\hosts.ics
C:\Users\T-fon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
C:\Users\T-fon\AppData\Local\Temp\svchost.exe
C:\ProgramData\Adobe\5113C0.vbe
C:\Users\All Users\Adobe\5113C0.vbe
:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Program svchost.exe přestal pracovat +
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
C:\Program Files (x86)\Skype\Updater\Updater.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009 removed from extensions.enabledAddons
Prefs.js: {972ce4c6-7e08-4474-a285-3208198ce6fd}:10.0.1 removed from extensions.enabledAddons
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\ubisoft.com/uplaypc\ deleted successfully.
C:\Users\T-fon\AppData\Roaming\Mozilla\Extensions folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HideSCAHealth deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
C:\Users\T-fon\Desktop\esetsmartinstaller_enu.exe moved successfully.
C:\Users\T-fon\Desktop\RogueKiller.exe moved successfully.
File\Folder C:\Users\T-fon\Desktop\find.bat not found.
C:\Users\T-fon\Documents\find.bat moved successfully.
C:\Windows\SysNative\drivers\etc\hosts.ics moved successfully.
C:\Users\T-fon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe moved successfully.
C:\Users\T-fon\AppData\Local\Temp\svchost.exe moved successfully.
C:\ProgramData\Adobe\5113C0.vbe moved successfully.
File\Folder C:\Users\All Users\Adobe\5113C0.vbe not found.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: T-fon
->Temp folder emptied: 300355312 bytes
->Temporary Internet Files folder emptied: 891048 bytes
->Java cache emptied: 16245688 bytes
->FireFox cache emptied: 37092039 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 63732 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 75794 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 163402112 bytes
Total Files Cleaned = 494,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: postgres
User: Public
User: T-fon
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 01062013_225703
Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!
C:\Users\T-fon\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
C:\Program Files (x86)\Skype\Updater\Updater.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009 removed from extensions.enabledAddons
Prefs.js: {972ce4c6-7e08-4474-a285-3208198ce6fd}:10.0.1 removed from extensions.enabledAddons
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\ubisoft.com/uplaypc\ deleted successfully.
C:\Users\T-fon\AppData\Roaming\Mozilla\Extensions folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HideSCAHealth deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
C:\Users\T-fon\Desktop\esetsmartinstaller_enu.exe moved successfully.
C:\Users\T-fon\Desktop\RogueKiller.exe moved successfully.
File\Folder C:\Users\T-fon\Desktop\find.bat not found.
C:\Users\T-fon\Documents\find.bat moved successfully.
C:\Windows\SysNative\drivers\etc\hosts.ics moved successfully.
C:\Users\T-fon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe moved successfully.
C:\Users\T-fon\AppData\Local\Temp\svchost.exe moved successfully.
C:\ProgramData\Adobe\5113C0.vbe moved successfully.
File\Folder C:\Users\All Users\Adobe\5113C0.vbe not found.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: T-fon
->Temp folder emptied: 300355312 bytes
->Temporary Internet Files folder emptied: 891048 bytes
->Java cache emptied: 16245688 bytes
->FireFox cache emptied: 37092039 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 63732 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 75794 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 163402112 bytes
Total Files Cleaned = 494,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: postgres
User: Public
User: T-fon
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 01062013_225703
Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!
C:\Users\T-fon\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Program svchost.exe přestal pracovat +
wow, hláška mi konečně přestala vyskakovat, takže PC je vyléčen? :)
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Program svchost.exe přestal pracovat +
Spusť OTL a klikni na Vyčisti.
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Program svchost.exe přestal pracovat + Vyřešeno
OK a moc děkuju za pomoc!
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 104 hostů