API tools faq
paste
Guest User

Log

a guest
Nov 24th, 2012
117
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 45.38 KB | None | 0 0
raw download clone embed print report
  1. Logfile of random's system information tool 1.09 (written by random/random)
  2. Run by Ceddrik at 2012-11-24 08:54:30
  3. Microsoft Windows 7 Home Premium Service Pack 1
  4. System drive C: has 15 GB (7%) free of 224 GB
  5. Total RAM: 5883 MB (62% free)
  6.  
  7. Logfile of Trend Micro HijackThis v2.0.4
  8. Scan saved at 8:54:32, on 24.11.2012
  9. Platform: Windows 7 SP1 (WinNT 6.00.3505)
  10. MSIE: Internet Explorer v9.00 (9.00.8112.16455)
  11. Boot mode: Normal
  12.  
  13. Running processes:
  14. C:\Program Files (x86)\Launch Manager\LManager.exe
  15. C:\Program Files (x86)\Launch Manager\LMworker.exe
  16. C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe
  17. C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe
  18. C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe
  19. C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe
  20. C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe
  21. C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe
  22. C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe
  23. C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe
  24. C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe
  25. C:\Program Files\trend micro\Ceddrik.exe
  26.  
  27. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0405&m=eme442&r=27360112l435l0404z135r4702s26s
  28. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  29. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0405&m=eme442&r=27360112l435l0404z135r4702s26s
  30. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0405&m=eme442&r=27360112l435l0404z135r4702s26s
  31. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  32. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  33. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0405&m=eme442&r=27360112l435l0404z135r4702s26s
  34. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  35. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  36. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  37. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
  38. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  39. R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
  40. F2 - REG:system.ini: UserInit=userinit.exe
  41. O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  42. O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
  43. O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  44. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
  45. O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
  46. O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
  47. O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
  48. O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
  49. O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
  50. O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
  51. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  52. O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  53. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  54. O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  55. O4 - Startup: winlogin.exe
  56. O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  57. O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  58. O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  59. O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
  60. O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  61. O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
  62. O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
  63. O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
  64. O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  65. O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  66. O23 - Service: Broadcom Power monitoring service (BPowMon) - Broadcom Corp. - C:\Program Files\Broadcom\BPowMon\BPowMon.exe
  67. O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
  68. O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
  69. O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
  70. O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
  71. O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
  72. O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe
  73. O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
  74. O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  75. O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  76. O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
  77. O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
  78. O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  79. O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
  80. O23 - Service: MySQL51 - Unknown owner - C:\Program.exe (file missing)
  81. O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  82. O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe
  83. O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
  84. O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
  85. O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  86. O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
  87. O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  88. O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
  89. O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
  90. O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
  91. O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
  92. O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
  93. O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
  94. O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
  95. O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
  96. O23 - Service: Updater Service - Acer Group - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
  97. O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  98. O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
  99. O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
  100. O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
  101. O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
  102. O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
  103. O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
  104.  
  105. --
  106. End of file - 10246 bytes
  107.  
  108. ======Listing Processes======
  109.  
  110. \SystemRoot\System32\smss.exe
  111. %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
  112. wininit.exe
  113. %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
  114. winlogon.exe
  115. C:\Windows\system32\services.exe
  116. C:\Windows\system32\lsass.exe
  117. C:\Windows\system32\lsm.exe
  118. C:\Windows\system32\svchost.exe -k DcomLaunch
  119. C:\Windows\system32\svchost.exe -k RPCSS
  120. C:\Windows\system32\atiesrxx.exe
  121. C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
  122. C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
  123. C:\Windows\system32\svchost.exe -k netsvcs
  124. C:\Windows\system32\svchost.exe -k LocalService
  125. atieclxx
  126. C:\Windows\system32\svchost.exe -k NetworkService
  127. C:\Windows\System32\spoolsv.exe
  128. C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
  129. "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
  130. "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
  131. "C:\Program Files\Bonjour\mDNSResponder.exe"
  132. "C:\Program Files\Broadcom\BPowMon\BPowMon.exe"
  133. "C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
  134. "C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe"
  135. C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
  136. "C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe"
  137. "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
  138. "C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\diMaster.dll" /prefetch:1
  139. "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
  140. C:\Windows\SysWOW64\PnkBstrA.exe
  141. "c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
  142. C:\Windows\system32\svchost.exe -k imgsvc
  143. "taskhost.exe"
  144. "C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
  145. "C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe"
  146. "C:\Windows\system32\Dwm.exe"
  147. C:\Windows\Explorer.EXE
  148. "C:\Program Files\Elantech\ETDCtrl.exe"
  149. "C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe"
  150. "C:\Program Files (x86)\Launch Manager\LManager.exe"
  151. "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
  152. "C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
  153. C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
  154. C:\Windows\system32\wbem\unsecapp.exe -Embedding
  155. "C:\Program Files (x86)\Launch Manager\LMworker.exe"
  156. C:\Windows\system32\wbem\wmiprvse.exe
  157. "C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe"
  158. "C:\Program Files\Elantech\ETDCtrlHelper.exe"
  159. "C:\Program Files\iPod\bin\iPodService.exe"
  160. C:\Windows\system32\SearchIndexer.exe /Embedding
  161. "C:\Program Files\Windows Media Player\wmpnetwk.exe"
  162. C:\Windows\System32\svchost.exe -k LocalServicePeerNet
  163. "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
  164. "C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
  165. C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
  166. C:\Windows\System32\svchost.exe -k secsvcs
  167. "taskhost.exe"
  168. "C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe"
  169. "C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/Prerender15minTTL/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="572.0.130800966\1432105919" /prefetch:3
  170. "C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="572.1.2138785956\1851567307" --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.713.3.3000 --ignored=" --type=renderer " /prefetch:12
  171. "C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/Prerender15minTTL/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="572.4.395629871\977026034" /prefetch:3
  172. C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
  173. C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
  174. "C:\Users\Ceddrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winlogin.exe"
  175. "C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="572.12.222892752\398942091" --lang=cs --ignored=" --type=renderer " /prefetch:13
  176. "C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/Prerender15minTTL/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="572.17.596656449\828794222" /prefetch:3
  177. "C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/Prerender15minTTL/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="572.18.872597505\1396905681" /prefetch:3
  178. C:\Windows\system32\wbem\wmiprvse.exe
  179. "C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/Prerender15minTTL/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="572.20.1978183102\1802186920" /prefetch:3
  180. "c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 8ABF3C16-8175-7FC0-0626-13FE53EC617F -Reinvoke
  181. C:\Windows\System32\svchost.exe -k WerSvcGroup
  182. "C:\Users\Ceddrik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/Prerender15minTTL/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="572.21.1418416838\1627032857" /prefetch:3
  183. "C:\Users\Ceddrik\Downloads\RSITx64.exe"
  184.  
  185. ======Scheduled tasks folder======
  186.  
  187. C:\Windows\tasks\Adobe Flash Player Updater.job
  188. C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  189. C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  190. C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-649601129-3096365826-177746470-1000Core.job
  191. C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-649601129-3096365826-177746470-1000UA.job
  192.  
  193. ======Registry dump======
  194.  
  195. [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
  196. Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
  197.  
  198. [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
  199. Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-20 449512]
  200.  
  201. [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
  202. Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
  203.  
  204. [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
  205. Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-20 155384]
  206.  
  207. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  208. "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
  209. "Acer ePower Management"=C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [2010-06-11 861216]
  210.  
  211. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
  212. C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]
  213.  
  214. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
  215. C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
  216.  
  217. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
  218. C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe []
  219.  
  220. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
  221. C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
  222.  
  223. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
  224. C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2012-11-07 8790904]
  225.  
  226. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
  227. C:\Users\Ceddrik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-11 136176]
  228.  
  229. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
  230. C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-11-19 2254768]
  231.  
  232. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
  233. C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
  234.  
  235. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
  236. C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray []
  237.  
  238. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup]
  239. C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-01 1155928]
  240.  
  241. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  242. C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
  243.  
  244. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
  245. C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []
  246.  
  247. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
  248. C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-09-01 738168]
  249.  
  250. [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  251. "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-06-22 968272]
  252. "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-12-05 343168]
  253. "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]
  254. "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-09-09 421776]
  255. "NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
  256. "LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-11-19 2254768]
  257.  
  258. C:\Users\Ceddrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
  259. winlogin.exe
  260.  
  261. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
  262. WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
  263.  
  264. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
  265. "SecurityProviders"=credssp.dll
  266.  
  267. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
  268.  
  269. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
  270.  
  271. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
  272. "ConsentPromptBehaviorAdmin"=5
  273. "ConsentPromptBehaviorUser"=3
  274. "EnableUIADesktopToggle"=0
  275. "dontdisplaylastusername"=0
  276. "legalnoticecaption"=
  277. "legalnoticetext"=
  278. "shutdownwithoutlogon"=1
  279. "undockwithoutlogon"=1
  280.  
  281. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
  282. "NoActiveDesktop"=1
  283. "NoActiveDesktopChanges"=1
  284. "ForceActiveDesktopOn"=0
  285.  
  286. [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
  287.  
  288. [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
  289.  
  290. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
  291. "vidc.mrle"=msrle32.dll
  292. "vidc.msvc"=msvidc32.dll
  293. "msacm.imaadpcm"=imaadp32.acm
  294. "msacm.msg711"=msg711.acm
  295. "msacm.msgsm610"=msgsm32.acm
  296. "msacm.msadpcm"=msadp32.acm
  297. "midimapper"=midimap.dll
  298. "wavemapper"=msacm32.drv
  299. "VIDC.UYVY"=msyuv.dll
  300. "VIDC.YUY2"=msyuv.dll
  301. "VIDC.YVYU"=msyuv.dll
  302. "VIDC.IYUV"=iyuv_32.dll
  303. "vidc.i420"=iyuv_32.dll
  304. "VIDC.YVU9"=tsbyuv.dll
  305. "msacm.l3acm"=C:\Windows\System32\l3codeca.acm
  306. "MSVideo8"=VfWWDM32.dll
  307. "wave"=wdmaud.drv
  308. "midi"=wdmaud.drv
  309. "mixer"=wdmaud.drv
  310. "aux"=wdmaud.drv
  311. "wave1"=wdmaud.drv
  312. "midi1"=wdmaud.drv
  313. "mixer1"=wdmaud.drv
  314. "aux1"=wdmaud.drv
  315. "wave2"=wdmaud.drv
  316. "midi2"=wdmaud.drv
  317. "mixer2"=wdmaud.drv
  318. "aux2"=wdmaud.drv
  319. "VIDC.XFR1"=xfcodec64.dll
  320.  
  321. ======File associations======
  322.  
  323. .js - edit - C:\Windows\System32\Notepad.exe %1
  324. .js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
  325.  
  326. ======List of files/folders created in the last 1 month======
  327.  
  328. 2012-11-24 08:47:34 ----D---- C:\rsit
  329. 2012-11-24 08:47:34 ----D---- C:\Program Files\trend micro
  330. 2012-11-21 23:24:23 ----D---- C:\Program Files (x86)\FireFly Studios
  331. 2012-11-21 22:06:37 ----SHD---- C:\Config.Msi
  332. 2012-11-20 08:46:03 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
  333. 2012-11-20 02:01:03 ----D---- C:\Users\Ceddrik\AppData\Roaming\Xfire
  334. 2012-11-20 02:00:58 ----D---- C:\ProgramData\Xfire
  335. 2012-11-20 02:00:56 ----D---- C:\Program Files (x86)\Xfire
  336. 2012-11-20 00:14:20 ----D---- C:\Users\Ceddrik\AppData\Roaming\GameRanger
  337. 2012-11-17 12:08:21 ----D---- C:\Users\Ceddrik\AppData\Roaming\.minecraft
  338. 2012-11-16 03:30:30 ----A---- C:\Windows\SYSWOW64\xfcodec.dll
  339. 2012-11-16 03:30:28 ----A---- C:\Windows\system32\xfcodec64.dll
  340. 2012-11-15 03:17:43 ----A---- C:\Windows\system32\Wdfres.dll
  341. 2012-11-15 03:17:43 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
  342. 2012-11-15 03:17:43 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
  343. 2012-11-15 03:08:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
  344. 2012-11-15 03:08:26 ----A---- C:\Windows\system32\mshtmled.dll
  345. 2012-11-15 03:08:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
  346. 2012-11-15 03:08:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
  347. 2012-11-15 03:08:25 ----A---- C:\Windows\system32\ieUnatt.exe
  348. 2012-11-15 03:08:25 ----A---- C:\Windows\system32\ieui.dll
  349. 2012-11-15 03:08:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
  350. 2012-11-15 03:08:24 ----A---- C:\Windows\SYSWOW64\url.dll
  351. 2012-11-15 03:08:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
  352. 2012-11-15 03:08:24 ----A---- C:\Windows\system32\urlmon.dll
  353. 2012-11-15 03:08:24 ----A---- C:\Windows\system32\url.dll
  354. 2012-11-15 03:08:24 ----A---- C:\Windows\system32\jscript9.dll
  355. 2012-11-15 03:08:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
  356. 2012-11-15 03:08:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
  357. 2012-11-15 03:08:23 ----A---- C:\Windows\system32\wininet.dll
  358. 2012-11-15 03:08:23 ----A---- C:\Windows\system32\msfeeds.dll
  359. 2012-11-15 03:08:23 ----A---- C:\Windows\system32\jsproxy.dll
  360. 2012-11-15 03:08:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
  361. 2012-11-15 03:08:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
  362. 2012-11-15 03:08:22 ----A---- C:\Windows\system32\vbscript.dll
  363. 2012-11-15 03:08:22 ----A---- C:\Windows\system32\jscript.dll
  364. 2012-11-15 03:08:22 ----A---- C:\Windows\system32\iertutil.dll
  365. 2012-11-15 03:08:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
  366. 2012-11-15 03:08:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
  367. 2012-11-15 03:08:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
  368. 2012-11-15 03:08:19 ----A---- C:\Windows\system32\mshtml.dll
  369. 2012-11-15 03:08:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
  370. 2012-11-15 03:08:18 ----A---- C:\Windows\system32\ieframe.dll
  371. 2012-11-15 03:01:42 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
  372. 2012-11-15 03:01:42 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
  373. 2012-11-15 03:01:38 ----A---- C:\Windows\system32\WUDFSvc.dll
  374. 2012-11-15 03:01:38 ----A---- C:\Windows\system32\WUDFPlatform.dll
  375. 2012-11-15 03:01:37 ----A---- C:\Windows\system32\WUDFx.dll
  376. 2012-11-15 03:01:37 ----A---- C:\Windows\system32\WUDFHost.exe
  377. 2012-11-15 03:01:37 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
  378. 2012-11-15 00:52:39 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
  379. 2012-11-15 00:52:39 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
  380. 2012-11-15 00:52:39 ----A---- C:\Windows\system32\dhcpcsvc6.dll
  381. 2012-11-15 00:52:39 ----A---- C:\Windows\system32\dhcpcore6.dll
  382. 2012-11-15 00:52:36 ----A---- C:\Windows\system32\win32k.sys
  383. 2012-11-15 00:52:33 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
  384. 2012-11-15 00:52:33 ----A---- C:\Windows\SYSWOW64\netevent.dll
  385. 2012-11-15 00:52:33 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
  386. 2012-11-15 00:52:33 ----A---- C:\Windows\SYSWOW64\ncsi.dll
  387. 2012-11-15 00:52:33 ----A---- C:\Windows\system32\nlasvc.dll
  388. 2012-11-15 00:52:33 ----A---- C:\Windows\system32\nlaapi.dll
  389. 2012-11-15 00:52:33 ----A---- C:\Windows\system32\netevent.dll
  390. 2012-11-15 00:52:33 ----A---- C:\Windows\system32\netcorehc.dll
  391. 2012-11-15 00:52:33 ----A---- C:\Windows\system32\ncsi.dll
  392. 2012-11-15 00:52:33 ----A---- C:\Windows\system32\iphlpsvc.dll
  393. 2012-11-15 00:52:33 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
  394. 2012-11-15 00:52:33 ----A---- C:\Windows\system32\drivers\tcpip.sys
  395. 2012-11-15 00:52:12 ----A---- C:\Windows\system32\synceng.dll
  396. 2012-11-15 00:52:11 ----A---- C:\Windows\SYSWOW64\synceng.dll
  397. 2012-11-14 12:46:12 ----D---- C:\Users\Ceddrik\AppData\Roaming\VBA-M
  398. 2012-11-04 22:42:49 ----D---- C:\Users\Ceddrik\AppData\Roaming\Garena
  399. 2012-11-04 22:42:49 ----D---- C:\ProgramData\Garena
  400. 2012-11-02 21:33:02 ----A---- C:\Windows\War3Unin.dat
  401. 2012-11-02 21:33:01 ----A---- C:\Windows\War3Unin.pif
  402. 2012-11-02 21:33:01 ----A---- C:\Windows\War3Unin.exe
  403. 2012-11-02 21:31:58 ----D---- C:\Program Files (x86)\Warcraft III
  404. 2012-11-02 20:12:41 ----A---- C:\Users\Ceddrik\AppData\Roaming\room_v3.dat
  405. 2012-11-02 19:53:32 ----D---- C:\Users\Ceddrik\AppData\Roaming\GarenaPlus
  406. 2012-11-02 19:52:40 ----D---- C:\Program Files (x86)\Garena Plus
  407. 2012-11-02 19:52:37 ----D---- C:\ProgramData\GarenaMessenger
  408. 2012-10-27 01:10:35 ----A---- C:\Windows\NeroDigital.ini
  409.  
  410. ======List of files/folders modified in the last 1 month======
  411.  
  412. 2012-11-24 08:54:28 ----D---- C:\Windows\Temp
  413. 2012-11-24 08:47:34 ----RD---- C:\Program Files
  414. 2012-11-24 08:43:04 ----D---- C:\Windows\system32\config
  415. 2012-11-24 08:40:55 ----SHD---- C:\Windows\Installer
  416. 2012-11-24 08:40:54 ----RSD---- C:\Windows\assembly
  417. 2012-11-24 08:40:20 ----D---- C:\Windows\SYSWOW64\cs-CZ
  418. 2012-11-24 08:40:20 ----D---- C:\Windows\system32\cs-CZ
  419. 2012-11-24 08:40:00 ----D---- C:\Windows\SysWOW64
  420. 2012-11-24 08:40:00 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
  421. 2012-11-24 08:39:42 ----D---- C:\Windows\inf
  422. 2012-11-24 08:39:39 ----D---- C:\Windows\System32
  423. 2012-11-24 08:39:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
  424. 2012-11-24 08:37:37 ----SHD---- C:\System Volume Information
  425. 2012-11-24 08:34:24 ----D---- C:\Windows\Microsoft.NET
  426. 2012-11-24 08:34:21 ----D---- C:\Windows\SYSWOW64\en-US
  427. 2012-11-24 08:34:21 ----D---- C:\Windows\system32\en-US
  428. 2012-11-24 08:33:03 ----D---- C:\Windows
  429. 2012-11-23 17:10:20 ----D---- C:\Program Files (x86)\Opera
  430. 2012-11-23 17:02:17 ----D---- C:\Users\Ceddrik\AppData\Roaming\TS3Client
  431. 2012-11-21 23:24:23 ----RD---- C:\Program Files (x86)
  432. 2012-11-21 23:24:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
  433. 2012-11-21 22:07:51 ----D---- C:\Program Files (x86)\MySQL
  434. 2012-11-21 22:03:48 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
  435. 2012-11-20 02:26:13 ----D---- C:\Windows\system32\Tasks
  436. 2012-11-20 02:00:58 ----HD---- C:\ProgramData
  437. 2012-11-20 00:18:55 ----D---- C:\Windows\Prefetch
  438. 2012-11-19 17:43:11 ----D---- C:\Program Files (x86)\Common Files
  439. 2012-11-19 17:43:08 ----D---- C:\ProgramData\Nero
  440. 2012-11-19 17:19:07 ----A---- C:\Windows\SYSWOW64\MsiExec.exe.log
  441. 2012-11-19 17:12:35 ----RSD---- C:\Windows\Fonts
  442. 2012-11-19 10:06:17 ----D---- C:\ProgramData\Adobe
  443. 2012-11-19 10:05:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
  444. 2012-11-19 10:03:58 ----D---- C:\Users\Ceddrik\AppData\Roaming\uTorrent
  445. 2012-11-19 03:06:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
  446. 2012-11-17 22:31:02 ----A---- C:\Windows\WORDPAD.INI
  447. 2012-11-16 16:05:20 ----D---- C:\ProgramData\Nokia
  448. 2012-11-16 16:05:20 ----D---- C:\Program Files (x86)\Nokia
  449. 2012-11-15 05:04:07 ----D---- C:\Windows\rescache
  450. 2012-11-15 03:45:47 ----D---- C:\Windows\winsxs
  451. 2012-11-15 03:41:45 ----D---- C:\Windows\SYSWOW64\migration
  452. 2012-11-15 03:41:45 ----D---- C:\Windows\system32\wbem
  453. 2012-11-15 03:41:45 ----D---- C:\Windows\system32\migration
  454. 2012-11-15 03:41:45 ----D---- C:\Windows\system32\drivers\cs-CZ
  455. 2012-11-15 03:41:45 ----D---- C:\Windows\system32\drivers
  456. 2012-11-15 03:41:45 ----D---- C:\Program Files (x86)\Internet Explorer
  457. 2012-11-15 03:41:44 ----D---- C:\Program Files\Internet Explorer
  458. 2012-11-15 03:18:18 ----D---- C:\Windows\system32\catroot
  459. 2012-11-15 03:18:17 ----D---- C:\Windows\system32\catroot2
  460. 2012-11-15 03:02:56 ----D---- C:\Windows\debug
  461. 2012-11-15 03:02:53 ----A---- C:\Windows\system32\MRT.exe
  462. 2012-11-11 22:58:52 ----D---- C:\Windows\Minidump
  463. 2012-11-11 13:09:55 ----D---- C:\World of Warcraft
  464. 2012-11-02 20:00:00 ----D---- C:\Users\Ceddrik\AppData\Roaming\DAEMON Tools Lite
  465. 2012-10-30 16:17:37 ----D---- C:\Program Files\TeamSpeak 3 Client
  466. 2012-10-29 18:10:29 ----D---- C:\ProgramData\Partner
  467. 2012-10-29 18:10:28 ----D---- C:\Program Files\Google
  468. 2012-10-29 18:10:27 ----D---- C:\Program Files (x86)\Google
  469. 2012-10-28 12:39:31 ----D---- C:\Users\Ceddrik\AppData\Roaming\Skype
  470. 2012-10-27 19:12:57 ----A---- C:\Windows\WinInit.Ini
  471. 2012-10-27 13:05:49 ----D---- C:\ProgramData\Google
  472. 2012-10-27 13:05:18 ----D---- C:\Program Files\Emergency 4
  473. 2012-10-27 13:03:41 ----D---- C:\Users\Ceddrik\AppData\Roaming\DC++
  474. 2012-10-27 12:59:13 ----D---- C:\Program Files (x86)\HTML kódy 2.1.0
  475. 2012-10-26 22:35:23 ----D---- C:\Program Files (x86)\Remote Mouse
  476. 2012-10-26 22:34:36 ----D---- C:\Program Files (x86)\Electronic Arts
  477. 2012-10-26 21:01:57 ----D---- C:\Program Files (x86)\Quadriga Games
  478. 2012-10-26 20:55:43 ----D---- C:\Program Files (x86)\Steam
  479. 2012-10-26 20:55:39 ----D---- C:\Users\Ceddrik\AppData\Roaming\FileZilla
  480. 2012-10-26 20:54:48 ----D---- C:\Windows\Logs
  481.  
  482. ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
  483.  
  484. R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
  485. R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
  486. R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
  487. R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
  488. R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
  489. R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
  490. R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144]
  491. R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-20 188928]
  492. R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-11 2229608]
  493. R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-11 283200]
  494. R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
  495. R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
  496. R3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
  497. R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
  498. R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-14 384040]
  499. R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
  500. R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
  501. R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
  502. S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
  503. S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
  504. S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
  505. S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
  506. S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
  507. S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
  508. S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
  509. S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
  510. S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736]
  511. S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
  512. S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
  513. S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
  514. S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
  515.  
  516. ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
  517.  
  518. R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-21 202752]
  519. R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-05 361984]
  520. R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
  521. R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
  522. R2 BPowMon;Broadcom Power monitoring service; C:\Program Files\Broadcom\BPowMon\BPowMon.exe [2010-03-24 117608]
  523. R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  524. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  525. R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
  526. R2 ePowerSvc;Acer ePower Service; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [2010-06-11 868896]
  527. R2 GREGService;GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [2010-01-08 23584]
  528. R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-19 2462128]
  529. R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [2010-05-23 126904]
  530. R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-01 2804568]
  531. R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-10-12 76888]
  532. R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
  533. R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-24 2735528]
  534. R2 Updater Service;Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2010-01-29 243232]
  535. R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848]
  536. S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-11 135664]
  537. S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
  538. S2 MySQL51;MySQL51; C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt --defaults-file=C:\Program Files (x86)\MySQL\MySQL Server 5.0\my.ini MySQL51 []
  539. S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
  540. S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-19 250808]
  541. S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
  542. S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-15 655624]
  543. S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe [2010-04-04 246520]
  544. S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-11 135664]
  545. S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
  546. S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-08-12 529232]
  547. S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-29 1255736]
  548. S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
  549. S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
  550. S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
  551. S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
  552. S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
  553. S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe []
  554.  
  555. -----------------EOF-----------------
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!