OTL logfile created on: 9.7.2013 10:46:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Lauer\Desktop\Kontrola
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000405 | Country: eskrepublika | Language: CSY | Date Format: d.M.yyyy
 
4,00 Gb Total Physical Memory | 2,29 Gb Available Physical Memory | 57,22% Memory free
8,00 Gb Paging File | 6,23 Gb Available in Paging File | 77,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 307,87 Gb Free Space | 66,11% Space Free | Partition Type: NTFS
Drive E: | 965,58 Mb Total Space | 263,92 Mb Free Space | 27,33% Space Free | Partition Type: FAT32
Drive I: | 131,00 Gb Total Space | 126,69 Gb Free Space | 96,71% Space Free | Partition Type: NTFS
 
Computer Name: LANG-PC | User Name: Lauer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013.07.09 10:40:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lauer\Desktop\Kontrola\OTL.exe
PRC - [2013.06.18 18:41:05 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013.06.07 15:55:00 | 001,302,336 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013.06.07 14:58:58 | 000,806,776 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2013.05.30 23:53:01 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.16 03:07:06 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012.08.25 21:04:01 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe
PRC - [2012.08.25 21:04:01 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
PRC - [2012.08.18 19:03:20 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\20.1.0.24\ccSvcHst.exe
PRC - [2011.05.19 10:51:52 | 002,629,632 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2011.04.20 18:58:02 | 001,204,224 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2011.04.20 18:53:10 | 000,335,872 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2011.03.28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.03.14 10:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2010.03.09 01:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
PRC - [2010.03.09 01:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010.03.05 21:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
PRC - [2010.03.02 20:29:46 | 001,347,496 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
PRC - [2010.03.02 12:13:57 | 000,067,312 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
PRC - [2010.01.25 09:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2009.05.05 17:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2006.11.28 01:12:24 | 002,658,304 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Launcher\NSLauncher.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac7311\Monitor.exe
PRC - [2006.06.15 12:36:18 | 000,229,376 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2006.06.05 13:59:18 | 000,174,080 | ---- | M] (Nokia.) -- C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012.05.30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton 360\Engine\20.1.0.24\wincfi39.dll
MOD - [2009.02.27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2006.11.28 01:12:24 | 002,658,304 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Launcher\NSLauncher.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2011.05.25 05:03:38 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2011.05.24 23:18:38 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2009.07.14 03:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:[b]64bit:[/b] - [2009.07.14 03:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:[b]64bit:[/b] - [2009.07.14 03:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV - [2013.06.13 12:08:26 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.07 14:58:58 | 000,806,776 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013.05.12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.16 03:07:06 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012.08.25 21:04:01 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe -- (VideoDownloadConverter_4zService)
SRV - [2012.08.18 19:03:20 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\20.1.0.24\ccSvcHst.exe -- (N360)
SRV - [2011.04.01 12:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.03.14 10:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.11.20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.11.20 14:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.09 01:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2010.03.02 12:13:57 | 000,067,312 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe -- (ameisvc)
SRV - [2010.01.25 09:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009.07.14 03:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.06.05 13:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2013.07.09 08:35:45 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2012.10.31 06:42:14 | 000,095,344 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb)
DRV:[b]64bit:[/b] - [2012.10.31 06:42:12 | 000,021,872 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSib.sys -- (BrUsbSIb)
DRV:[b]64bit:[/b] - [2012.08.29 19:46:14 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1)
DRV:[b]64bit:[/b] - [2012.08.10 19:26:44 | 000,776,352 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1401000.018\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2012.08.07 23:18:20 | 001,132,192 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymEFA64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2012.08.06 19:24:46 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1401000.018\ccSetx64.sys -- (ccSet_N360)
DRV:[b]64bit:[/b] - [2012.07.27 21:25:32 | 000,493,216 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymDS64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2012.07.27 21:05:22 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1401000.018\Ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2012.07.22 19:34:24 | 000,432,800 | R--- | M] (Symantec Corporation) [Kernel | System | Unknown] -- C:\Windows\SysNative\drivers\N360x64\1401000.018\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2012.05.24 23:36:56 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1401000.018\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011.05.25 06:26:56 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2011.05.25 06:26:56 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2011.05.25 04:25:42 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2011.03.30 20:46:44 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:[b]64bit:[/b] - [2009.10.12 15:23:22 | 000,114,304 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:[b]64bit:[/b] - [2009.09.10 15:31:56 | 000,117,248 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009.07.14 02:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:[b]64bit:[/b] - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2006.12.13 12:34:04 | 000,253,568 | ---- | M] (Pinnacle Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bender64.sys -- (BENDER)
DRV:[b]64bit:[/b] - [2006.11.08 09:59:36 | 000,602,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PA707UCM.SYS -- (PAC7311)
DRV:[b]64bit:[/b] - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2013.07.09 08:41:53 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130708.022\ex64.sys -- (NAVEX15)
DRV - [2013.07.09 08:41:53 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130708.022\eng64.sys -- (NAVENG)
DRV - [2013.07.06 04:18:50 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130706.002\IDSviA64.sys -- (IDSVia64)
DRV - [2013.07.02 03:01:42 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012.08.18 03:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012.08.18 03:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Unknown] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys -- (EraserUtilDrv11220)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=AgnUpd&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtByCyEzytDyEyC0FyBtDtN0D0Tzu0CyEyEtDtN1L2XzutN1L1Czu&cr=679319898&ir=
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{15988A09-66EF-66DA-5979-01894EB7140A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=AgnUpd&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtByCyEzytDyEyC0FyBtDtN0D0Tzu0CyEyEtDtN1L2XzutN1L1Czu&cr=679319898&ir=
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=AgnUpd&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtByCyEzytDyEyC0FyBtDtN0D0Tzu0CyEyEtDtN1L2XzutN1L1Czu&cr=679319898&ir=
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKLM\..\URLSearchHook: {f999a48b-1950-4d81-9971-79018f807b4b} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0D51B1FA-946B-51A9-3312-56F8A2187E6F}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2737658
IE - HKLM\..\SearchScopes\{479430D9-4BCA-EE41-0C22-474490870639}: "URL" = http://search.sweetim.com/search.asp?src=6&st=4&q={searchTerms}&barid={FA409E0F-8CA9-11E1-AF23-002421264904}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=AgnUpd&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtByCyEzytDyEyC0FyBtDtN0D0Tzu0CyEyEtDtN1L2XzutN1L1Czu&cr=679319898&ir=
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=HJxdm073YYcz&ptnrS=HJxdm073YYcz&si=pconverter&ptb=93A062E0-D1FB-4ADE-BFB9-8237FE070C95&ind=2012100721&n=77ee3871&psa=&st=sb&searchfor={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pandasecurity.mystart.com/?source=5b97eeb3&tbp=homepage&toolbarid=pandasecuritytb&v=4_0&u=31ACC637A53042505309A351CCB9F4F5
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.conduit.com?SearchSource=10&ctid=CT2737658
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\InprocServer32 File not found
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\URLSearchHook: {93a3111f-4f74-4ed8-895e-d9708497629e} - No CLSID value found
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes,DefaultScope = {0388404D-6072-4CEB-B521-8F090FEAEE57}
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=AgnUpd&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtByCyEzytDyEyC0FyBtDtN0D0Tzu0CyEyEtDtN1L2XzutN1L1Czu&cr=679319898&ir=
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{0bfd2b83-5fca-41be-b2ea-95c352206793}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_1
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100489&mntrId=ee316f70000000000000002421264904
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{15988A09-66EF-66DA-5979-01894EB7140A}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=CZ&install_date=20121216&user_guid=CE37CCFDEE7D4EC890DCEED32CCAF576&machine_id=45e9697c844e5ef736466ac0b9f28eab&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{1f1217c9-1ce9-413d-b94a-7d6431ab7d78}: "URL" = http://www.firmy.cz/phr/{searchTerms}?sourceid=QuickSearch_1
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://pandasecurityr.mystart.com/?source=5b97eeb3&v=4_0&tbp=rbox&toolbarid=pandasecuritytb&u=31ACC637A53042505309A351CCB9F4F5&q={searchTerms}
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{3C4D222D-A5AE-47F2-8B1F-E294D0CDAFE7}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_1
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{3FB02CCD-FA07-4E8A-94F9-33E15C2305B9}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=45784835-D93E-469D-84A1-86504CC2A08A&apn_sauid=B75AC262-A9DC-4FB3-8F4C-00A51288D112
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{479430D9-4BCA-EE41-0C22-474490870639}: "URL" = http://search.sweetim.com/search.asp?src=6&st=4&q={searchTerms}&barid={FA409E0F-8CA9-11E1-AF23-002421264904}
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7RNQN_csCZ470
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{6B127F69-012D-4B7F-A944-E85703CA1E2C}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_1
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/webscout/{C7C98BA9-A9EB-4989-A042-64F514537648}?q={searchTerms}
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{a0e9ea4d-2271-4f54-a968-e3b38d3f7cd0}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_1
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{A110D3CB-B041-4801-BCE0-930CE81E3E61}: "URL" = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_1
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2737658
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{B17CE4D8-5130-4F2E-9B66-A55737DA36B7}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=4.0002002
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{BA952FFB-C0C9-48A2-8643-6EDEEEF02257}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=867034&p={searchTerms}
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{c4c5fc3a-9905-4792-96b6-17ee39059365}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_1
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=HJxdm073YYcz&ptnrS=HJxdm073YYcz&si=pconverter&ptb=93A062E0-D1FB-4ADE-BFB9-8237FE070C95&ind=2012100721&n=77ee3871&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{D3432F83-14E6-4A8D-A293-A8EA4C7B8121}: "URL" = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_1
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\SearchScopes\{F65D380A-A058-4293-9945-7CD411A168F2}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_1
IE - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=867034"
FF - prefs.js..browser.search.selectedEngine: "blekko"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://pandasecurity.mystart.com/?source=5b97eeb3&tbp=homepage&toolbarid=pandasecuritytb&v=4_0&u=31ACC637A53042505309A351CCB9F4F5"
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40funmoods.com:1.5.1
FF - prefs.js..extensions.enabledAddons: %7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.9.0.0
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=CZ&install_date=20121216&user_guid=CE37CCFDEE7D4EC890DCEED32CCAF576&machine_id=45e9697c844e5ef736466ac0b9f28eab&browser=FF&os=win&os_version=6.1-x64-SP1"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lauer\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lauer\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013.05.07 15:12:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin [2013.03.16 07:02:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013.05.30 23:54:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.05.30 23:54:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013.07.09 08:36:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013.07.09 08:35:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.28 00:46:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2012.03.30 04:12:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lauer\AppData\Roaming\Mozilla\Extensions
[2013.07.08 15:19:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\extensions
[2012.12.17 03:21:05 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2013.03.14 18:05:09 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2013.05.14 19:00:30 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.03.14 18:05:12 | 000,000,000 | ---D | M] (FreeOnlineRadioPlayerRecorder Community Toolbar) -- C:\Users\lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}
[2013.01.04 22:11:20 | 000,000,000 | ---D | M] (VideoDownloadConverter) -- C:\Users\lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
[2012.10.07 21:22:08 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\extensions\ffxtlbr@funmoods.com
[2013.01.13 02:56:58 | 000,190,000 | ---- | M] () (No name found) -- C:\Users\lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2013.06.05 10:55:43 | 000,002,308 | ---- | M] () -- C:\Users\lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\searchplugins\askcom.xml
[2013.03.17 11:42:50 | 000,002,307 | ---- | M] () -- C:\Users\lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\searchplugins\Funmoods.xml
[2012.12.16 18:03:21 | 000,001,390 | ---- | M] () -- C:\Users\lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\searchplugins\yahoo-zugo.xml
[2013.05.14 18:59:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.05.14 18:59:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.06.28 00:17:34 | 000,000,634 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: blekko (Enabled)
CHR - default_search_provider: search_url = http://pandasecurityr.mystart.com/?source=5b97eeb3&v=4_0&tbp=rbox&toolbarid=pandasecuritytb&u=31ACC637A53042505309A351CCB9F4F5&q={searchTerms}
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://pandasecurity.mystart.com/?source=5b97eeb3&tbp=homepage&toolbarid=pandasecuritytb&v=4_0&u=31ACC637A53042505309A351CCB9F4F5
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lauer\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lauer\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lauer\AppData\Local\Google\Chrome\Application\27.0.1453.116\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Software602 Form Filler (Enabled) = C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Funmoods = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.1.4_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_1\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_1\
CHR - Extension: YouTube = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: New Tab = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\9.3.1_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealDownloader = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0\
CHR - Extension: StartNow = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\incfcgceegpikennjoplhfghaaikdgei\2.5.0_0\
CHR - Extension: Norton Identity Protection = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.1.0.32_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_1\
CHR - Extension: Gmail = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Funmoods = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.1.4_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_1\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_1\
CHR - Extension: YouTube = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: New Tab = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\9.3.1_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealDownloader = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0\
CHR - Extension: StartNow = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\incfcgceegpikennjoplhfghaaikdgei\2.5.0_0\
CHR - Extension: Norton Identity Protection = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.1.0.32_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_1\
CHR - Extension: Gmail = C:\Users\lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013.07.08 13:24:10 | 000,435,459 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 14987 more lines...
O2:[b]64bit:[/b] - BHO: (no name) - {7DA17D5A-5718-4130-A605-FC316C827836} - No CLSID value found.
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\7.2\dealioToolbarIE.dll File not found
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Toolbar BHO) - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O2 - BHO: (no name) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - No CLSID value found.
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.1.0.24\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.1.0.24\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (no name) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - No CLSID value found.
O2 - BHO: (no name) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - No CLSID value found.
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - Reg Error: Value error. File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {7DA17D5A-5718-4130-A605-FC316C827836} - No CLSID value found.
O2 - BHO: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O2 - BHO: (no name) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - No CLSID value found.
O2 - BHO: (Search Assistant BHO) - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - No CLSID value found.
O2 - BHO: (no name) - {f999a48b-1950-4d81-9971-79018f807b4b} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\7.2\dealioToolbarIE.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - No CLSID value found.
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (no name) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.1.0.24\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {f999a48b-1950-4d81-9971-79018f807b4b} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac7311\Monitor.exe (PixArt Imaging Incorporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [NSLauncher] C:\Program Files (x86)\Nokia\Nokia Software Launcher\NSLauncher.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VideoDownloadConverter Search Scope Monitor] C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe (VER_COMPANY_NAME)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000..\Run: [T-Mobile Communication Centre] C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: &Search - http://tbedits.videodownloadconverter.com/one-toolbaredits/menusearch.jhtml?s=205320000&p=HJxdm073YYcz&si=pconverter&a=93A062E0-D1FB-4ADE-BFB9-8237FE070C95&n=2013010308&cv=1 File not found
O8:[b]64bit:[/b] - Extra context menu item: Otevt programem PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O8 - Extra context menu item: &Search - http://tbedits.videodownloadconverter.com/one-toolbaredits/menusearch.jhtml?s=205320000&p=HJxdm073YYcz&si=pconverter&a=93A062E0-D1FB-4ADE-BFB9-8237FE070C95&n=2013010308&cv=1 File not found
O8 - Extra context menu item: Otevt programem PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O9 - Extra Button: Nastaven Litiky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Nastaven Litiky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - Reg Error: Key error. File not found
O9 - Extra Button: ZvrazovaslovLitiky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : ZvrazovaslovLitiky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - Reg Error: Key error. File not found
O9 - Extra Button: SpecialSavings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - Reg Error: Key error. File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKU\S-1-5-21-3649955308-1546059468-2745362677-1000\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/static/pages/isds/cab/filleractivex.cab?3,16,13,0 (Active602XMLFiller Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.85.1.100 193.85.2.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{149AE560-F7A0-4AF3-978E-888FE6F9E33C}: DhcpNameServer = 193.85.1.100 193.85.2.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{149AE560-F7A0-4AF3-978E-888FE6F9E33C}: NameServer = 93.153.117.1,93.153.117.33
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{658b2502-6da3-11e1-ad5d-002421264904}\Shell - "" = AutoRun
O33 - MountPoints2\{658b2502-6da3-11e1-ad5d-002421264904}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{658b2557-6da3-11e1-ad5d-002421264904}\Shell - "" = AutoRun
O33 - MountPoints2\{658b2557-6da3-11e1-ad5d-002421264904}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{658b2562-6da3-11e1-ad5d-002421264904}\Shell - "" = AutoRun
O33 - MountPoints2\{658b2562-6da3-11e1-ad5d-002421264904}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.aacacm - C:\Windows\SysWow64\AACACM.acm (fccHandler)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3pacm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\Windows\SysWow64\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\LAGARITH.DLL ( )
Drivers32: VIDC.MLCY - C:\Windows\SysWow64\mlc.dll ()
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013.07.09 10:35:54 | 000,000,000 | ---D | C] -- C:\viry
[2013.07.09 08:35:45 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013.07.09 08:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013.07.09 08:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013.07.09 08:35:00 | 001,132,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymEFA64.sys
[2013.07.09 08:35:00 | 000,776,352 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1401000.018\srtsp64.sys
[2013.07.09 08:35:00 | 000,493,216 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymDS64.sys
[2013.07.09 08:35:00 | 000,432,800 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1401000.018\symnets.sys
[2013.07.09 08:35:00 | 000,224,416 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1401000.018\Ironx64.sys
[2013.07.09 08:35:00 | 000,168,096 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1401000.018\ccSetx64.sys
[2013.07.09 08:35:00 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1401000.018\srtspx64.sys
[2013.07.09 08:35:00 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymELAM.sys
[2013.07.09 08:34:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2013.07.09 08:34:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\1401000.018
[2013.07.09 08:34:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2013.07.09 08:34:37 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2013.07.09 08:34:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013.07.09 08:29:15 | 000,000,000 | ---D | C] -- C:\Users\Lauer\Desktop\Kontrola
[2013.07.08 15:24:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2013.07.08 15:24:04 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.08 13:42:18 | 006,604,352 | ---- | C] (AVAST Software) -- C:\Users\Lauer\Desktop\avast_free_antivirus_setup_online.exe
[2013.06.28 00:19:33 | 000,000,000 | ---D | C] -- C:\Users\Lauer\AppData\Roaming\Panda Security
[2013.06.28 00:15:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2013.06.28 00:15:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2013.06.22 00:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013.06.21 23:45:16 | 000,000,000 | ---D | C] -- C:\Users\Lauer\Desktop\RK_Quarantine
[2013.06.18 18:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.06.15 15:06:58 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.06.15 15:06:56 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.14 20:34:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2013.06.14 20:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2013.06.13 21:53:49 | 000,000,000 | ---D | C] -- C:\Users\Lauer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PicPick
[2013.06.13 21:53:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PicPick
[2013.06.13 21:49:21 | 000,000,000 | ---D | C] -- C:\Users\Lauer\AppData\Local\{54087446-EEB5-4606-8810-DE7328642E7D}
[2013.06.13 12:51:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.06.13 12:51:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.06.13 12:51:40 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.06.13 12:51:40 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.06.13 12:51:40 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.06.13 12:51:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.06.13 12:51:39 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.06.13 12:51:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.06.13 12:51:39 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.06.13 12:51:38 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.06.13 12:51:37 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.06.13 12:51:37 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.06.13 12:51:36 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.06.13 12:08:15 | 009,089,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013.06.13 10:49:23 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.06.13 10:49:23 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.06.13 10:49:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.06.13 10:49:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.06.13 10:49:06 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.06.13 10:49:03 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.06.13 10:49:03 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.06.13 10:49:03 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.06.13 10:49:02 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.06.13 10:49:01 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.06.13 10:49:01 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.06.13 10:48:56 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.06.13 10:48:56 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2012.10.06 19:04:17 | 007,093,090 | ---- | C] (EffectMatrix, Inc.                                          ) -- C:\Users\Lauer\EM_PowerPoint_Video_Converter_setup.exe
[2002.05.27 10:25:12 | 000,295,424 | ---- | C] (Tomas Zavodny) -- C:\Users\Lauer\SubtitleToolCZ.exe
[10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2022.08.08 09:04:33 | 000,688,818 | ---- | M] () -- C:\Users\Lauer\Documents\ON LINE DATA - Zkony a vyhlky obch.zkonk.htm
[2013.07.09 10:48:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.09 10:46:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3649955308-1546059468-2745362677-1000UA.job
[2013.07.09 10:46:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.09 10:08:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.09 08:41:35 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\VT20130115.021
[2013.07.09 08:38:11 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.09 08:38:11 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.09 08:36:01 | 002,370,446 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\Cat.DB
[2013.07.09 08:35:45 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013.07.09 08:35:45 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013.07.09 08:35:45 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013.07.09 07:58:03 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.09 07:57:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.09 07:57:39 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.08 15:22:46 | 000,781,383 | ---- | M] () -- C:\Users\Lauer\Desktop\RSIT.exe
[2013.07.08 13:44:17 | 000,000,115 | ---- | M] () -- C:\Windows\wininit.ini
[2013.07.08 13:43:28 | 001,478,822 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.08 13:43:28 | 000,634,530 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.08 13:43:28 | 000,618,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.08 13:43:28 | 000,123,120 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.08 13:43:28 | 000,107,256 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.08 13:41:08 | 006,604,352 | ---- | M] (AVAST Software) -- C:\Users\Lauer\Desktop\avast_free_antivirus_setup_online.exe
[2013.07.08 13:38:32 | 000,012,830 | ---- | M] () -- C:\FixitRegBackup.reg
[2013.07.08 13:24:10 | 000,435,459 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.07.08 13:19:21 | 000,435,459 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130708-132410.backup
[2013.07.08 12:44:40 | 000,000,862 | ---- | M] () -- C:\Windows\SysNative\termcap
[2013.07.02 15:04:36 | 000,420,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.06.28 17:13:29 | 000,398,836 | ---- | M] () -- C:\Users\Lauer\Desktop\untitled8.bmp
[2013.06.28 17:12:19 | 000,574,896 | ---- | M] () -- C:\Users\Lauer\Desktop\untitled7.bmp
[2013.06.28 17:11:13 | 000,321,534 | ---- | M] () -- C:\Users\Lauer\Desktop\untitled6.bmp
[2013.06.28 17:09:55 | 000,318,454 | ---- | M] () -- C:\Users\Lauer\Desktop\untitled5.bmp
[2013.06.28 17:08:58 | 000,400,292 | ---- | M] () -- C:\Users\Lauer\Desktop\4.bmp
[2013.06.28 17:08:14 | 000,471,774 | ---- | M] () -- C:\Users\Lauer\Desktop\untitled3.bmp
[2013.06.28 17:06:40 | 000,492,454 | ---- | M] () -- C:\Users\Lauer\Desktop\untitled2.bmp
[2013.06.28 17:05:39 | 000,468,584 | ---- | M] () -- C:\Users\Lauer\Desktop\untitled1.bmp
[2013.06.24 06:46:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3649955308-1546059468-2745362677-1000Core.job
[2013.06.21 23:49:41 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130708-131921.backup
[2013.06.19 07:48:48 | 000,002,368 | ---- | M] () -- C:\Users\Lauer\Desktop\Google Chrome.lnk
[2013.06.18 21:42:42 | 000,225,346 | ---- | M] () -- C:\Users\Lauer\Desktop\Valn hromada.bmp
[2013.06.18 21:41:32 | 000,173,362 | ---- | M] () -- C:\Users\Lauer\Desktop\Pozvnka.bmp
[2013.06.18 18:42:40 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.06.13 12:08:26 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.13 12:08:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.13 12:08:17 | 009,089,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013.07.09 10:48:39 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.09 08:42:34 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\VT20130115.021
[2013.07.09 08:35:51 | 002,370,446 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\Cat.DB
[2013.07.09 08:35:45 | 000,007,466 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013.07.09 08:35:45 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013.07.09 08:34:51 | 000,003,434 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymEFA.inf
[2013.07.09 08:34:51 | 000,002,851 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymDS.inf
[2013.07.09 08:34:51 | 000,001,440 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymNet.inf
[2013.07.09 08:34:51 | 000,001,436 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\srtsp64.inf
[2013.07.09 08:34:51 | 000,001,418 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\srtspx64.inf
[2013.07.09 08:34:51 | 000,000,996 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\symELAM.inf
[2013.07.09 08:34:51 | 000,000,854 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\ccSetx64.inf
[2013.07.09 08:34:51 | 000,000,767 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\Iron.inf
[2013.07.09 08:34:39 | 000,009,670 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymELAM64.cat
[2013.07.09 08:34:39 | 000,008,942 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymVTcer.dat
[2013.07.09 08:34:39 | 000,007,611 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\ccSetx64.cat
[2013.07.09 08:34:39 | 000,007,605 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\srtspx64.cat
[2013.07.09 08:34:39 | 000,007,603 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymEFA64.cat
[2013.07.09 08:34:39 | 000,007,601 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\symnet64.cat
[2013.07.09 08:34:39 | 000,007,601 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\srtsp64.cat
[2013.07.09 08:34:39 | 000,007,597 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\SymDS64.cat
[2013.07.09 08:34:39 | 000,007,593 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\iron.cat
[2013.07.09 08:34:39 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1401000.018\isolate.ini
[2013.07.08 15:23:58 | 000,781,383 | ---- | C] () -- C:\Users\Lauer\Desktop\RSIT.exe
[2013.07.08 13:44:17 | 000,000,115 | ---- | C] () -- C:\Windows\wininit.ini
[2013.07.08 13:38:31 | 000,012,830 | ---- | C] () -- C:\FixitRegBackup.reg
[2013.07.08 12:44:45 | 000,000,862 | ---- | C] () -- C:\Windows\SysNative\termcap
[2013.06.28 17:13:28 | 000,398,836 | ---- | C] () -- C:\Users\Lauer\Desktop\untitled8.bmp
[2013.06.28 17:12:19 | 000,574,896 | ---- | C] () -- C:\Users\Lauer\Desktop\untitled7.bmp
[2013.06.28 17:11:13 | 000,321,534 | ---- | C] () -- C:\Users\Lauer\Desktop\untitled6.bmp
[2013.06.28 17:09:54 | 000,318,454 | ---- | C] () -- C:\Users\Lauer\Desktop\untitled5.bmp
[2013.06.28 17:08:57 | 000,400,292 | ---- | C] () -- C:\Users\Lauer\Desktop\4.bmp
[2013.06.28 17:08:14 | 000,471,774 | ---- | C] () -- C:\Users\Lauer\Desktop\untitled3.bmp
[2013.06.28 17:06:40 | 000,492,454 | ---- | C] () -- C:\Users\Lauer\Desktop\untitled2.bmp
[2013.06.28 17:05:39 | 000,468,584 | ---- | C] () -- C:\Users\Lauer\Desktop\untitled1.bmp
[2013.06.18 21:42:42 | 000,225,346 | ---- | C] () -- C:\Users\Lauer\Desktop\Valn hromada.bmp
[2013.06.18 21:41:31 | 000,173,362 | ---- | C] () -- C:\Users\Lauer\Desktop\Pozvnka.bmp
[2013.06.18 18:42:40 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.06.18 18:41:14 | 000,000,950 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.18 18:41:12 | 000,000,946 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.15 19:54:35 | 000,001,397 | ---- | C] () -- C:\Users\Lauer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.05.14 14:43:36 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.05.14 14:43:36 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.05.14 14:43:29 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.05.02 15:16:56 | 001,127,936 | ---- | C] () -- C:\Users\Lauer\mdxredist.msi
[2013.01.17 16:40:57 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2013.01.17 16:40:56 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2013.01.11 10:16:52 | 004,336,640 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2012.12.02 08:45:25 | 000,000,172 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2012.12.02 08:42:03 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2012.10.07 21:21:48 | 000,290,500 | ---- | C] () -- C:\Users\Lauer\AppData\Local\funmoods-speeddial_sf.crx
[2012.10.07 21:21:43 | 000,031,465 | ---- | C] () -- C:\Users\Lauer\AppData\Local\funmoods.crx
[2012.08.19 20:59:02 | 000,745,016 | ---- | C] () -- C:\Windows\unins000.exe
[2012.08.19 20:59:02 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\LAGARITH.DLL
[2012.08.19 20:59:02 | 000,042,247 | ---- | C] () -- C:\Windows\unins000.dat
[2012.07.09 10:11:34 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012.05.22 01:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\mlc.dll
[2012.04.28 10:33:32 | 000,016,240 | ---- | C] () -- C:\ProgramData\CuteFLVformat.ini
[2012.04.28 10:33:32 | 000,007,556 | ---- | C] () -- C:\ProgramData\CuteFLVvideoconverter.ini
[2012.04.22 20:17:42 | 000,000,058 | ---- | C] () -- C:\Users\Lauer\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2012.04.02 15:19:06 | 000,111,450 | ---- | C] () -- C:\ProgramData\Cutevideoformat.ini
[2012.04.02 15:19:06 | 000,055,556 | ---- | C] () -- C:\ProgramData\Cutevideoconverter.ini
[2012.03.16 16:38:03 | 000,000,261 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012.03.16 16:38:03 | 000,000,094 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012.03.16 16:20:20 | 000,002,944 | ---- | C] () -- C:\Windows\BRPARAM.INI
[2011.12.06 17:08:10 | 000,000,168 | ---- | C] () -- C:\Users\Lauer\AppData\Roaming\trueburner.ini
[2011.06.30 18:11:40 | 000,043,520 | ---- | C] () -- C:\Users\Lauer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011.08.27 19:07:23 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\602Installer
[2011.08.27 19:07:31 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\602XML
[2011.11.17 17:40:02 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Babylon
[2012.09.28 18:57:44 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Canon
[2011.08.11 10:21:21 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\CD-LabelPrint
[2013.01.17 17:31:17 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\ControlCenter4
[2013.05.14 13:46:41 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\COWON
[2013.03.25 06:26:12 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Digiarty
[2012.04.22 20:17:42 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\DonationCoder
[2012.06.29 10:08:33 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\DVDVideoSoft
[2012.06.28 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.06.29 14:52:32 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\ESET
[2011.10.16 18:08:58 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\FeyWriter
[2012.10.22 11:32:14 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Free AVI MPEG WMV MP4 FLV Video Joiner
[2012.07.09 10:11:42 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\FreeAudioPack
[2012.08.21 16:01:37 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\FreeCDRipper
[2013.02.28 16:58:52 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Funmoods
[2012.05.07 15:51:15 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\GeoVid
[2011.06.29 14:54:32 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\GHISLER
[2012.01.27 12:55:27 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\gtk-2.0
[2013.05.02 15:07:05 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\InterTrust
[2013.03.09 17:38:58 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\MOVAVI
[2012.12.02 08:43:29 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\MyHeritage
[2011.08.10 17:28:17 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Nokia
[2011.08.10 17:57:21 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Nokia Multimedia Player
[2012.03.16 16:30:58 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Nuance
[2013.05.14 19:57:30 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\OpenCandy
[2012.01.02 02:30:06 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Opera
[2013.06.28 00:19:33 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Panda Security
[2011.07.08 10:14:50 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\PC Suite
[2012.09.16 19:52:18 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\PhotoScape
[2011.07.06 08:35:02 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\picpick
[2012.12.27 14:47:20 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Recolored
[2012.04.02 17:11:32 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\screenrecorder
[2013.06.21 23:07:48 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Seznam.cz
[2012.10.07 20:51:00 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\SoftGrid Client
[2012.12.17 03:21:04 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\StartNow Toolbar
[2012.12.02 08:42:02 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2012.09.20 17:13:31 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\TP
[2013.03.26 17:03:11 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\TuneUp Software
[2013.06.13 21:53:33 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Win7codecs
[2012.03.30 04:36:55 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\XnView
[2012.05.24 16:49:00 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Zeon
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]<  >[/color]
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,001,496 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.03.29 20:37:33 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.06.09 06:40:54 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3649955308-1546059468-2745362677-1000Core.job
[2013.06.09 06:40:55 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3649955308-1546059468-2745362677-1000UA.job
[2013.06.18 18:41:12 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.18 18:41:14 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
[color=#A23BEC]< MD5 for: AUTOCHK.EXE  >[/color]
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
[color=#A23BEC]< MD5 for: HAL.DLL  >[/color]
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
[color=#A23BEC]< MD5 for: SERVICES.EXE  >[/color]
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
 
[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]< %systemroot%*.* /U /s >[/color]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[16 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\05b4a7d02b418e51711898b100454b1e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\05b4a7d02b418e51711898b100454b1e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0646778436ce40c90a7cbc9dfd71cb7a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0646778436ce40c90a7cbc9dfd71cb7a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8601030f46bc78e53cf0de2c1b12cece\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8601030f46bc78e53cf0de2c1b12cece\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\93edcf9c560cc7da92b250a3fc13b771\*.tmp files -> C:\Windows\SoftwareDistribution\Download\93edcf9c560cc7da92b250a3fc13b771\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bbe0294f55923618944aeb5c3877f84c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bbe0294f55923618944aeb5c3877f84c\*.tmp -> ]
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
[10 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[1 C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2011.08.27 19:07:23 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\602Installer
[2011.08.27 19:07:31 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\602XML
[2011.06.29 14:43:17 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Adobe
[2012.06.11 17:41:31 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Apple Computer
[2012.12.21 08:33:41 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\ArcSoft
[2011.06.29 14:59:18 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\ATI
[2011.11.17 17:40:02 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Babylon
[2012.05.03 23:14:49 | 000,000,000 | R--D | M] -- C:\Users\Lauer\AppData\Roaming\Brother
[2012.09.28 18:57:44 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Canon
[2011.08.11 10:21:21 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\CD-LabelPrint
[2013.01.17 17:31:17 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\ControlCenter4
[2013.05.14 13:46:41 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\COWON
[2013.03.25 06:26:12 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Digiarty
[2012.04.22 20:17:42 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\DonationCoder
[2012.06.29 10:08:33 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\DVDVideoSoft
[2012.06.28 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.06.29 14:52:32 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\ESET
[2012.03.19 19:00:11 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\FastStone
[2011.10.16 18:08:58 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\FeyWriter
[2012.03.16 16:41:35 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\FLEXnet
[2012.10.22 11:32:14 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Free AVI MPEG WMV MP4 FLV Video Joiner
[2012.07.09 10:11:42 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\FreeAudioPack
[2012.08.21 16:01:37 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\FreeCDRipper
[2013.02.28 16:58:52 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Funmoods
[2012.05.07 15:51:15 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\GeoVid
[2011.06.29 14:54:32 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\GHISLER
[2012.02.16 21:55:58 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Google
[2013.03.25 06:12:34 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\GRETECH
[2012.01.27 12:55:27 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\gtk-2.0
[2011.08.13 10:21:59 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Identities
[2011.06.30 16:45:35 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\InstallShield
[2013.05.02 15:07:05 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\InterTrust
[2011.06.29 14:32:22 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Media Center Programs
[2013.06.22 00:06:03 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Media Player Classic
[2013.07.02 14:44:39 | 000,000,000 | --SD | M] -- C:\Users\Lauer\AppData\Roaming\Microsoft
[2013.03.09 17:38:58 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\MOVAVI
[2012.03.30 04:12:45 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Mozilla
[2012.12.02 08:43:29 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\MyHeritage
[2011.08.10 17:28:17 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Nokia
[2011.08.10 17:57:21 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Nokia Multimedia Player
[2012.03.16 16:30:58 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Nuance
[2013.05.14 19:57:30 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\OpenCandy
[2012.01.02 02:30:06 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Opera
[2013.06.28 00:19:33 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Panda Security
[2011.07.08 10:14:50 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\PC Suite
[2012.09.16 19:52:18 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\PhotoScape
[2011.07.06 08:35:02 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\picpick
[2013.01.03 15:43:26 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Real
[2012.08.13 02:22:05 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Reallusion
[2013.05.30 23:55:00 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\RealNetworks
[2012.12.27 14:47:20 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Recolored
[2012.04.02 17:11:32 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\screenrecorder
[2013.06.21 23:07:48 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Seznam.cz
[2013.01.13 23:21:43 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Skype
[2012.10.07 20:51:00 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\SoftGrid Client
[2012.12.17 03:21:04 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\StartNow Toolbar
[2013.03.23 16:30:07 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\SUPERAntiSpyware.com
[2012.12.02 08:42:02 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2012.09.20 17:13:31 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\TP
[2013.03.26 17:03:11 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\TuneUp Software
[2013.06.27 21:02:37 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\vlc
[2013.06.13 21:53:33 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Win7codecs
[2012.03.30 04:36:55 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\XnView
[2012.05.24 16:49:00 | 000,000,000 | ---D | M] -- C:\Users\Lauer\AppData\Roaming\Zeon
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2013.02.28 16:58:52 | 000,099,704 | ---- | M] () -- C:\Users\Lauer\AppData\Roaming\Funmoods\UpdateProc\UpdateTask.exe
[2007.03.22 12:46:42 | 000,126,976 | ---- | M] () -- C:\Users\Lauer\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2011.08.13 19:26:12 | 000,029,926 | R--- | M] () -- C:\Users\Lauer\AppData\Roaming\Microsoft\Installer\{03C71A63-6A09-4B22-96CB-0C5F31D47549}\_9384C007CA7C6140968DCE.exe
[2011.08.13 19:26:12 | 000,111,091 | R--- | M] () -- C:\Users\Lauer\AppData\Roaming\Microsoft\Installer\{03C71A63-6A09-4B22-96CB-0C5F31D47549}\_BC7EB9DF85ECF18A67AE47.exe
[2011.08.13 19:26:12 | 000,111,091 | R--- | M] () -- C:\Users\Lauer\AppData\Roaming\Microsoft\Installer\{03C71A63-6A09-4B22-96CB-0C5F31D47549}\_FEC62F9ED96419F60F40EE.exe
[2011.06.29 15:11:11 | 000,029,926 | R--- | M] () -- C:\Users\Lauer\AppData\Roaming\Microsoft\Installer\{5EB90C06-964F-4195-B83E-BD7E55C88415}\ARPPRODUCTICON.exe
[2010.02.24 13:19:28 | 000,058,896 | ---- | M] () -- C:\Users\Lauer\AppData\Roaming\MyHeritage\Bin\Detect\Detect.exe
[2012.12.16 17:13:43 | 000,215,889 | ---- | M] () -- C:\Users\Lauer\AppData\Roaming\OpenCandy\0F5E106ECA8E41ED8DD2A42AEE6F9BD9\LatestDLMgr.exe
[2013.02.15 21:26:08 | 027,905,968 | ---- | M] (TuneUp Software) -- C:\Users\Lauer\AppData\Roaming\OpenCandy\A118CE640A9C4FE9A8261738C0405736\TuneUpUtilities2013-2200329_cs-CZ.exe
[2013.02.15 21:26:08 | 027,905,968 | ---- | M] (TuneUp Software) -- C:\Users\Lauer\AppData\Roaming\OpenCandy\F98AD85904014DB695288D8C38F66D70\TuneUpUtilities2013-2200329_cs-CZ.exe
[2012.09.24 21:48:29 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Lauer\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2012.10.02 08:56:18 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Lauer\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe
[2012.10.11 18:46:31 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Lauer\AppData\Roaming\Real\Update\temp\~Upg2\rnupgagent.exe
[2012.12.26 16:29:12 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Lauer\AppData\Roaming\Real\Update\temp\~Upg3\rnupgagent.exe
[2013.01.03 14:57:27 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Lauer\AppData\Roaming\Real\Update\temp\~Upg4\rnupgagent.exe
[2013.03.25 09:00:41 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Lauer\AppData\Roaming\Real\Update\temp\~Upg5\rnupgagent.exe
[2013.04.04 15:43:22 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Lauer\AppData\Roaming\Real\Update\temp\~Upg6\rnupgagent.exe
[2012.12.26 16:29:12 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Lauer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe
[2012.12.26 19:32:50 | 039,416,288 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Lauer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_data\RealPlayer.exe
[2012.12.26 19:30:10 | 000,765,248 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Lauer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_exe\RealPlayer.exe
[2013.03.25 09:00:41 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Lauer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe
[2013.01.17 17:05:11 | 023,381,440 | ---- | M] (Macrovision Corporation) -- C:\Users\Lauer\AppData\Roaming\Reallusion\BSandWBinstaller.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Lauer\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Lauer\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Lauer\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2013.04.29 12:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Lauer\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Lauer\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Lauer\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job >[/color]
[2013.07.09 11:08:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.09 07:58:03 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.09 10:46:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.06.24 06:46:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3649955308-1546059468-2745362677-1000Core.job
[2013.07.09 10:46:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3649955308-1546059468-2745362677-1000UA.job
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /3 >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.* /3 >[/color]
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >[/color]
"T-Mobile Communication Centre" = "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun -- [2010.03.02 20:29:46 | 001,347,496 | ---- | M] (Gemfor s.r.o.)
"ISUSPM" = C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler -- [2009.05.05 17:06:06 | 000,222,496 | ---- | M] (Acresso Corporation)
"Google Update" = "C:\Users\Lauer\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2013.06.09 06:40:50 | 000,116,648 | ---- | M] (Google Inc.)
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >[/color]
[2013.05.12 00:26:08 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=95110A1C5A1D228AC1DDF6AB67D00BEB -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
[color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >[/color]
[2013.05.17 04:32:12 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
 
[color=#A23BEC]< %PROGRAMFILES%\Opera\opera.exe /md5 >[/color]
 
[color=#A23BEC]< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >[/color]
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]< %SystemDrive%\PhysicalMBR.bin /md5 >[/color]
[2013.07.09 10:48:39 | 000,000,512 | ---- | M] () MD5=CF7441B6276C092C40B4A6B93AB9DFFA -- C:\PhysicalMBR.bin
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]< *crack* /s >[/color]
[2010.10.04 22:50:56 | 000,062,238 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
 
[color=#A23BEC]< *keygen* /s >[/color]
 
[color=#A23BEC]< *loader* /s >[/color]
[2010.12.07 17:43:38 | 001,817,200 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVideoSoft\Dll\HttpVideoDownloader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011.01.25 11:27:06 | 000,649,728 | ---- | M] () -- \Program Files (x86)\Digiarty\DAPlayer\Loader.exe
[2010.02.07 22:40:00 | 000,000,543 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 18:58:18 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 18:58:20 | 000,018,592 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 18:58:24 | 000,026,272 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 18:58:26 | 000,012,960 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 18:58:28 | 000,017,568 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 18:58:56 | 000,019,616 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 18:59:04 | 000,015,008 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 18:59:06 | 000,019,104 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 18:59:10 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 18:59:14 | 000,012,448 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 18:59:16 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 18:59:20 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 18:59:22 | 000,011,936 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 18:59:24 | 000,013,984 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 18:59:28 | 000,028,320 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 20:42:00 | 000,009,880 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2011.03.28 12:21:20 | 000,005,987 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\scripts\io\downloader.js
[2013.01.17 06:39:36 | 000,296,296 | ---- | M] () -- \Program Files (x86)\Movavi Video Converter 12\PSPUploader.exe
[2013.01.17 06:39:42 | 000,296,296 | ---- | M] () -- \Program Files (x86)\Movavi Video Converter 12\PSPUploaderde.exe
[2013.01.17 06:39:44 | 000,296,296 | ---- | M] () -- \Program Files (x86)\Movavi Video Converter 12\PSPUploaderes.exe
[2013.01.17 06:39:46 | 000,382,312 | ---- | M] () -- \Program Files (x86)\Movavi Video Converter 12\PSPUploaderfr.exe
[2013.01.17 06:39:52 | 000,296,296 | ---- | M] () -- \Program Files (x86)\Movavi Video Converter 12\PSPUploaderit.exe
[2013.01.17 06:39:54 | 000,296,296 | ---- | M] () -- \Program Files (x86)\Movavi Video Converter 12\PSPUploaderjp.exe
[2013.01.17 06:39:56 | 000,296,296 | ---- | M] () -- \Program Files (x86)\Movavi Video Converter 12\PSPUploadernl.exe
[2013.01.17 06:39:58 | 000,296,296 | ---- | M] () -- \Program Files (x86)\Movavi Video Converter 12\PSPUploaderpl.exe
[2013.01.17 06:40:00 | 000,296,296 | ---- | M] () -- \Program Files (x86)\Movavi Video Converter 12\PSPUploaderpt.exe
[2013.01.17 06:40:04 | 000,296,296 | ---- | M] () -- \Program Files (x86)\Movavi Video Converter 12\PSPUploaderru.exe
[2013.01.17 06:40:08 | 000,296,296 | ---- | M] () -- \Program Files (x86)\Movavi Video Converter 12\PSPUploadertr.exe
[2010.03.09 01:35:00 | 000,036,128 | ---- | M] () -- \Program Files (x86)\Nuance\PaperPort\AppDomainLoader.dll
[2013.04.16 11:50:26 | 000,251,789 | ---- | M] () -- \Program Files (x86)\RealNetworks\RealDownloader\downloader.vs
[2013.01.21 16:03:44 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.01.03 14:52:37 | 000,012,512 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2013.01.03 14:52:37 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2013.04.16 03:07:00 | 000,015,168 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2013.04.16 01:41:00 | 000,000,319 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2013.04.16 03:11:38 | 000,002,584 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
[2013.01.03 14:52:37 | 000,012,512 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2013.01.03 14:52:37 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2013.04.16 03:07:00 | 000,015,168 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2013.04.16 01:41:00 | 000,000,319 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2013.04.16 03:11:38 | 000,002,584 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
[2013.02.26 23:48:52 | 000,000,723 | ---- | M] () -- \Users\Lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.1.4_0\img\ajax-loader.gif
[2013.02.26 23:48:52 | 000,003,441 | ---- | M] () -- \Users\Lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.1.4_0\js\FMLoader.js
[2013.06.18 14:04:56 | 000,005,884 | ---- | M] () -- \Users\Lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\9.3.1_0\skin\newtab\images\ajax-loader-2.gif
[2013.06.18 14:04:56 | 000,010,819 | ---- | M] () -- \Users\Lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\9.3.1_0\skin\newtab\images\ajax-loader-bar.gif
[2013.06.18 14:04:56 | 000,002,824 | ---- | M] () -- \Users\Lauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\9.3.1_0\skin\newtab\images\ajax-loader.gif
[2013.03.13 19:48:44 | 000,010,145 | ---- | M] () -- \Users\Lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\ExternalLibraryLoader.jsm
[2013.02.14 22:18:38 | 000,010,145 | ---- | M] () -- \Users\Lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}\modules\ExternalLibraryLoader.jsm
[2012.06.18 15:27:22 | 000,003,681 | ---- | M] () -- \Users\Lauer\AppData\Roaming\Mozilla\Firefox\Profiles\6j3yca8b.default\extensions\ffxtlbr@funmoods.com\content\loader.xul
[2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- \Users\Lauer\AppData\Roaming\Seznam.cz\bin\14332libfoxloader.dll
[2013.04.15 13:32:10 | 000,060,416 | ---- | M] () -- \Users\Lauer\AppData\Roaming\Seznam.cz\bin\3497libfoxloader-x64.dll
[2013.05.12 14:00:50 | 000,000,165 | ---- | M] () -- \Users\Lauer\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.03.21 11:28:36 | 000,031,549 | ---- | M] () -- \Users\Lauer\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.0-win32.zip
[2013.03.25 16:27:20 | 000,000,665 | ---- | M] () -- \Users\Lauer\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 16:27:26 | 000,000,117 | ---- | M] () -- \Users\Lauer\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2012.06.29 10:13:55 | 000,000,539 | ---- | M] () -- \Users\Lauer\Documents\DVDVideoSoft\FreeYouTubeUploader_log.txt
[2008.04.04 20:37:57 | 000,001,128 | ---- | M] () -- \Users\Lauer\Documents\Zv - vzor zdarma ke staen-MUDr_ Zbynk Mloch_soubory\tabs_slides_def_loader.js
[2011.06.29 14:47:57 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[10 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[10 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 17:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.06.30 09:24:29 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.06.30 09:24:29 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.06.30 09:24:29 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.06.30 09:24:29 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.06.30 09:24:29 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2008.04.04 20:37:57 | 000,001,128 | ---- | M] () -- \zaloha\Dokumenty\Zv - vzor zdarma ke staen-MUDr_ Zbynk Mloch_soubory\tabs_slides_def_loader.js
[2008.02.21 16:49:04 | 000,051,576 | ---- | M] () -- \zaloha\zaloha\Documents and Settings\Lauer\Data aplikac\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\N360\Setup\NPC\HSLoader.exe
[2008.04.04 20:37:57 | 000,001,128 | ---- | M] () -- \zaloha\zaloha\Documents and Settings\Lauer\Dokumenty\Vyddn - pravidla a vzor ke staen zdarma-MUDr_ Zbynk Mloch_soubory\tabs_slides_def_loader.js
[2008.04.04 20:37:57 | 000,001,128 | ---- | M] () -- \zaloha\zaloha\Documents and Settings\Lauer\Dokumenty\Zv - vzor zdarma ke staen-MUDr_ Zbynk Mloch_soubory\tabs_slides_def_loader.js
[2009.06.12 14:35:03 | 000,002,608 | ---- | M] () -- \zaloha\zaloha\Documents and Settings\Lauer\Local Settings\Temporary Internet Files\Content.IE5\8JIVSPYV\loader[2].gif
[2009.06.14 19:21:02 | 000,000,905 | ---- | M] () -- \zaloha\zaloha\Documents and Settings\Lauer\Local Settings\Temporary Internet Files\Content.IE5\8XI3O1YR\TooltipLoader[1].css
[1 \zaloha\zaloha\Documents and Settings\Lauer\Local Settings\Temporary Internet Files\Content.IE5\8XI3O1YR\*.tmp files -> \zaloha\zaloha\Documents and Settings\Lauer\Local Settings\Temporary Internet Files\Content.IE5\8XI3O1YR\*.tmp -> ]
[2009.06.12 13:39:34 | 000,002,608 | ---- | M] () -- \zaloha\zaloha\Documents and Settings\Lauer\Local Settings\Temporary Internet Files\Content.IE5\IDKPYPWZ\loader[1].gif
[2009.06.27 09:50:07 | 000,002,084 | ---- | M] () -- \zaloha\zaloha\Documents and Settings\Lauer\Local Settings\Temporary Internet Files\Content.IE5\O9GPIR8H\loader_frame[1].htm
[2009.06.28 19:41:17 | 000,010,819 | ---- | M] () -- \zaloha\zaloha\Documents and Settings\Lauer\Local Settings\Temporary Internet Files\Content.IE5\O9GPIR8H\preloader[1].gif
[2009.06.28 19:23:17 | 000,000,673 | ---- | M] () -- \zaloha\zaloha\Documents and Settings\Lauer\Local Settings\Temporary Internet Files\Content.IE5\QDGBI9A5\loader[1].gif
[2009.06.14 19:21:02 | 000,014,290 | ---- | M] () -- \zaloha\zaloha\Documents and Settings\Lauer\Local Settings\Temporary Internet Files\Content.IE5\WHQRW1Q7\TooltipLoader[1].js
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:5CB1E0D3

< End of report >
