Facebook - Flash Player (Win32/Delf.QCZ)

Re: Facebook - Flash Player (Win32/Delf.QCZ)

#16 Post by Andyfuk »

Well, so far the computer is behaving calmly, like it did before it was infected. It is a bit slow, but that doesn't bother me right now :)

RSIT Log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by GAME at 2011-10-29 22:06:56
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 121 GB (27%) free of 454 GB
Total RAM: 4095 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:06:59, on 29.10.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\GAME\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\GAME\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe
C:\Windows\SysWOW64\javaw.exe
C:\Users\GAME\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\GAME\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\GAME.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\GAME\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\GAME\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-21-4285535737-698878448-3188201288-1010\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4285535737-698878448-3188201288-1010\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4285535737-698878448-3188201288-1010\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4285535737-698878448-3188201288-1010\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Aktualizovat ESET licenci.lnk = C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe
O4 - Global Startup: RocketDock.lnk = C:\Windows\iOS Skin Pack\RocketDock\RocketDock.exe
O4 - Global Startup: UberIcon.lnk = C:\Windows\iOS Skin Pack\UberIcon\UberIcon.exe
O4 - Global Startup: YzShadow.lnk = C:\Windows\iOS Skin Pack\YzShadow\YzShadow.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - http://content.systemrequirementslab.co ... 1.71.0.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... 0.26.0.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11561 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\QipGuard\QipGuard.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe" -service
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1936
"taskhost.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
"C:\Windows\System32\rundll32.exe" SPIRunE.dll,RunDLLEntry
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe" -T
"C:\Users\GAME\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\rundll32.exe "C:\Users\GAME\AppData\Local\Google\Chrome\APPLIC~1\120742~1.91\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\GAME\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\GAME\AppData\Local\Google\Chrome\Application\12.0.742.91\gcswf32.dll" --lang=cs --channel=4196.077628B0.190535575 /prefetch:4 --flash-broker=3280
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\QIP 2012\qip.exe"
"C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe"
"C:\Windows\System32\javaw.exe" -Dgs.minodlogin.appexe="C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe" -jar MiNODLogin.jar
"C:\Users\GAME\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_4/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/disabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_16/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/ --channel=4196.06B28E68.2106670620 /prefetch:3
"C:\Users\GAME\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_4/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/disabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_16/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/ --channel=4196.0779D948.470331668 /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\GAME\Downloads\RSITx64 (2).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GlaryInitialize.job

=========Mozilla firefox=========

ProfilePath - C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {51a86bb3-6602-4c85-92a5-130ee4864f13}:3.1.0.12, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, DTToolbar@toolbarnet.com:1.1.4.0024, vshare@toolbar:1.0.2, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.8, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, {c2db4fe6-8409-45ce-8010-189a7b5cce86}:3.5.0.12, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.0]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=0.80.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@gamersfirst.com/LiveLauncher]
"Description"=GamersFirst LIVE! Web Launcher
"Path"=C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
fcmdSrchdesktop.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\extensions\
plugin3@gameplaylabs.com
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}

C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\
conduit.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin.xml
qip-search.xml
search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\GAME\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-10 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RivaTuner"=C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe [2009-08-22 24576]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-22 4035152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2011-03-29 399736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
C:\Program Files (x86)\Clownfish\Clownfish.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dyyno Launcher]
C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe 30100 30101 30102 30103 30104 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2011-09-30 27763848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\Program Files (x86)\QIP Infium\infium.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk [2011-09-06 2419]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2010-04-12 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\GAME\AppData\Roaming\QipGuard\QipGuard.exe [2011-10-26 191440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoccatKone+]
C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [2011-04-04 556072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-06-15 15141768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPIRunE]
Rundll32 SPIRunE.dll,RunDLLEntry []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sponsorkeyword]
C:\Program Files (x86)\sponsorkeyword\sponsorkeyword.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2011-09-22 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe [2011-03-29 399736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Aktualizovat ESET licenci.lnk]
C:\PROGRA~2\ESET\MINODL~1\MINODL~1.EXE [2011-07-18 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
C:\PROGRA~2\GAMERS~1\LIVE!\Live.exe [2011-08-16 2589808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^GAME^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
C:\PROGRA~2\Hamachi\hamachi.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^GAME^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Real Desktop.lnk]
C:\Program Files (x86)\Real Desktop\Real Desktop.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^GAME^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
C:\PROGRA~2\Xfire\Xfire.exe [2011-04-16 3510160]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"=C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2007-02-28 180224]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]
"SPIRunE"=Rundll32 SPIRunE.dll,RunDLLEntry []
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter IIScheduleAgent.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizovat ESET licenci.lnk - C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe
RocketDock.lnk - C:\Windows\iOS Skin Pack\RocketDock\RocketDock.exe
UberIcon.lnk - C:\Windows\iOS Skin Pack\UberIcon\UberIcon.exe
YzShadow.lnk - C:\Windows\iOS Skin Pack\YzShadow\YzShadow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-01 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\78892507.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\78892507.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe"="C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe"="C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Users\GAME\Downloads\Flash-Player.exe"="C:\Users\GAME\Downloads\Flash-Player.exe:*:Enabled:C:\Users\GAME\Downloads\Flash-Player.exe"
"C:\Windows\update.1\svchost.exe"="C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe"
"C:\Windows\services32.exe"="C:\Windows\services32.exe:*:Enabled:C:\Windows\services32.exe"
"C:\Windows\update.tray-3-0\svchost.exe"="C:\Windows\update.tray-3-0\svchost.exe:*:Enabled:C:\Windows\update.tray-3-0\svchost.exe"
"C:\Windows\update.2\svchost.exe"="C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe"
"C:\Windows\update.tray-3-0-lnk\svchost.exe"="C:\Windows\update.tray-3-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-3-0-lnk\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe"="C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe"="C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.XFR1"=xfcodec64.dll
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2011-10-29 20:54:30 ----D---- C:\ProgramData\ESET
2011-10-29 20:54:30 ----D---- C:\Program Files\ESET
2011-10-29 20:36:43 ----A---- C:\TDSSKiller.2.6.14.0_29.10.2011_20.36.43_log.txt
2011-10-29 18:38:28 ----D---- C:\Program Files\Defraggler
2011-10-29 18:02:27 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-10-29 17:53:27 ----A---- C:\ComboFix.txt
2011-10-29 17:47:18 ----D---- C:\$RECYCLE.BIN
2011-10-29 13:43:30 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-29 12:35:10 ----A---- C:\Windows\zip.exe
2011-10-29 12:35:10 ----A---- C:\Windows\SWSC.exe
2011-10-29 12:35:10 ----A---- C:\Windows\SWREG.exe
2011-10-29 12:35:10 ----A---- C:\Windows\sed.exe
2011-10-29 12:35:10 ----A---- C:\Windows\PEV.exe
2011-10-29 12:35:10 ----A---- C:\Windows\NIRCMD.exe
2011-10-29 12:35:10 ----A---- C:\Windows\MBR.exe
2011-10-29 12:35:10 ----A---- C:\Windows\grep.exe
2011-10-29 12:35:03 ----D---- C:\Windows\ERDNT
2011-10-29 12:34:58 ----D---- C:\Qoobox
2011-10-29 12:04:25 ----D---- C:\Program Files\trend micro
2011-10-29 12:04:24 ----D---- C:\rsit
2011-10-29 06:33:06 ----D---- C:\Program Files (x86)\ESET
2011-10-28 17:51:25 ----D---- C:\Program Files (x86)\THQ
2011-10-28 02:14:40 ----RA---- C:\Windows\SYSWOW64\pbsvc.exe
2011-10-26 21:49:22 ----A---- C:\Windows\Burnout(TM) Paradise The Ultimate Box Patch Log.txt
2011-10-24 18:49:05 ----D---- C:\Program Files (x86)\Skin Pack
2011-10-24 18:48:48 ----A---- C:\Windows\SYSWOW64\xpsrchvw.exe
2011-10-24 18:48:40 ----A---- C:\Windows\SYSWOW64\osk.exe
2011-10-24 18:48:40 ----A---- C:\Windows\SYSWOW64\notepad.exe
2011-10-24 18:48:39 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-10-24 18:48:38 ----A---- C:\Windows\SYSWOW64\msra.exe
2011-10-24 18:48:36 ----A---- C:\Windows\SYSWOW64\mspaint.exe
2011-10-24 18:48:33 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2011-10-24 18:48:33 ----A---- C:\Windows\SYSWOW64\mobsync.exe
2011-10-24 18:48:31 ----A---- C:\Windows\SYSWOW64\Magnify.exe
2011-10-24 18:48:29 ----A---- C:\Windows\explorer.exe
2011-10-24 18:48:27 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2011-10-24 18:48:26 ----A---- C:\Windows\SYSWOW64\DisplaySwitch.exe
2011-10-24 18:48:26 ----A---- C:\Windows\SYSWOW64\dfrgui.exe
2011-10-24 18:48:25 ----A---- C:\Windows\SYSWOW64\control.exe
2011-10-24 18:48:25 ----A---- C:\Windows\SYSWOW64\colorcpl.exe
2011-10-24 18:48:24 ----A---- C:\Windows\SYSWOW64\cleanmgr.exe
2011-10-24 18:48:21 ----A---- C:\Windows\SYSWOW64\charmap.exe
2011-10-24 18:48:21 ----A---- C:\Windows\SYSWOW64\calc.exe
2011-10-24 18:48:19 ----A---- C:\Windows\SYSWOW64\taskmgr.exe
2011-10-24 18:48:19 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2011-10-24 18:48:17 ----A---- C:\Windows\SYSWOW64\wsecedit.dll
2011-10-24 18:48:17 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2011-10-24 18:48:13 ----A---- C:\Windows\SYSWOW64\wdc.dll
2011-10-24 18:48:12 ----A---- C:\Windows\SYSWOW64\Vault.dll
2011-10-24 18:48:11 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2011-10-24 18:48:10 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2011-10-24 18:48:09 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2011-10-24 18:48:08 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2011-10-24 18:48:07 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2011-10-24 18:47:45 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-10-24 18:47:44 ----A---- C:\Windows\SYSWOW64\SensorsCpl.dll
2011-10-24 18:47:37 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2011-10-24 18:47:36 ----A---- C:\Windows\SYSWOW64\pmcsnap.dll
2011-10-24 18:47:35 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2011-10-24 18:47:34 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2011-10-24 18:47:33 ----A---- C:\Windows\SYSWOW64\odbcint.dll
2011-10-24 18:47:25 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2011-10-24 18:47:24 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2011-10-24 18:47:23 ----A---- C:\Windows\SYSWOW64\mycomput.dll
2011-10-24 18:47:21 ----A---- C:\Windows\SYSWOW64\miguiresource.dll
2011-10-24 18:47:21 ----A---- C:\Windows\SYSWOW64\iscsicpl.dll
2011-10-24 18:46:59 ----A---- C:\Windows\SYSWOW64\imageres.dll
2011-10-24 18:46:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-24 18:46:50 ----D---- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2011-10-24 18:46:50 ----A---- C:\Windows\SYSWOW64\gameux.dll
2011-10-24 18:46:50 ----A---- C:\Windows\SYSWOW64\fontext.dll
2011-10-24 18:46:49 ----A---- C:\Windows\SYSWOW64\FirewallControlPanel.dll
2011-10-24 18:46:49 ----A---- C:\Windows\SYSWOW64\filemgmt.dll
2011-10-24 18:46:48 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-10-24 18:46:48 ----A---- C:\Windows\SYSWOW64\Display.dll
2011-10-24 18:46:47 ----A---- C:\Windows\SYSWOW64\devmgr.dll
2011-10-24 18:46:47 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2011-10-24 18:46:35 ----A---- C:\Windows\SYSWOW64\DDORes.dll
2011-10-24 18:46:34 ----A---- C:\Windows\SYSWOW64\comres.dll
2011-10-24 18:46:33 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2011-10-24 18:46:33 ----A---- C:\Windows\SYSWOW64\AuthFWGP.dll
2011-10-24 18:46:32 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2011-10-24 18:46:32 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2011-10-24 18:46:24 ----A---- C:\Windows\SYSWOW64\stobject.dll
2011-10-24 18:46:24 ----A---- C:\Windows\SYSWOW64\SndVolSSO.dll
2011-10-24 18:46:23 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2011-10-24 18:46:22 ----A---- C:\Windows\SYSWOW64\mydocs.dll
2011-10-24 18:46:22 ----A---- C:\Windows\SYSWOW64\browseui.dll
2011-10-24 18:46:21 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2011-10-24 18:46:15 ----A---- C:\Windows\SYSWOW64\netshell.dll
2011-10-24 18:46:15 ----A---- C:\Windows\SYSWOW64\authui.dll
2011-10-24 18:46:14 ----A---- C:\Windows\SYSWOW64\mmres.dll
2011-10-24 18:46:13 ----A---- C:\Windows\SYSWOW64\imagesp1.dll
2011-10-24 18:46:11 ----A---- C:\Windows\SYSWOW64\themeui.dll.tmp
2011-10-24 18:46:11 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2011-10-24 18:46:10 ----A---- C:\Windows\SYSWOW64\uxtheme.dll.tmp
2011-10-24 18:23:22 ----D---- C:\Users\GAME\AppData\Roaming\AIMP3
2011-10-24 18:23:17 ----D---- C:\Program Files (x86)\AIMP3
2011-10-24 17:28:19 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-10-24 17:28:19 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-10-24 17:28:19 ----A---- C:\Windows\SYSWOW64\java.exe
2011-10-23 04:48:30 ----D---- C:\Users\GAME\AppData\Roaming\Mozilla-Cache
2011-10-23 04:47:51 ----D---- C:\Programs
2011-10-23 03:12:08 ----D---- C:\Program Files\Steam
2011-10-20 22:25:25 ----D---- C:\Program Files\Firefly Studios
2011-10-20 14:46:13 ----D---- C:\Program Files (x86)\QipGuard
2011-10-19 23:32:59 ----D---- C:\Users\GAME\AppData\Roaming\InstallShield Installation Information
2011-10-19 23:32:02 ----D---- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2011-10-19 23:25:32 ----D---- C:\Program Files (x86)\Vogster Entertainment
2011-10-19 20:12:23 ----A---- C:\Windows\SYSWOW64\bassmod.dll
2011-10-18 23:44:15 ----D---- C:\Users\GAME\AppData\Roaming\PhotoScape
2011-10-18 23:43:28 ----D---- C:\Program Files (x86)\PhotoScape
2011-10-12 15:18:34 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-12 15:18:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-12 15:18:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-12 15:18:34 ----A---- C:\Windows\system32\url.dll
2011-10-12 15:18:34 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-12 15:18:34 ----A---- C:\Windows\system32\iertutil.dll
2011-10-12 15:18:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-12 15:18:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-12 15:18:33 ----A---- C:\Windows\system32\wininet.dll
2011-10-12 15:18:33 ----A---- C:\Windows\system32\urlmon.dll
2011-10-12 15:18:33 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-12 15:18:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-10-12 15:18:32 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-10-12 15:18:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-12 15:18:32 ----A---- C:\Windows\system32\jscript9.dll
2011-10-12 15:18:32 ----A---- C:\Windows\system32\jscript.dll
2011-10-12 15:18:32 ----A---- C:\Windows\system32\ieui.dll
2011-10-12 15:18:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-12 15:18:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-12 15:18:30 ----A---- C:\Windows\system32\mshtml.dll
2011-10-12 15:18:29 ----A---- C:\Windows\system32\ieframe.dll
2011-10-12 15:06:51 ----A---- C:\Windows\system32\win32k.sys
2011-10-12 15:06:48 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 15:06:47 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-12 15:06:16 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-12 15:06:16 ----A---- C:\Windows\system32\oleacc.dll
2011-10-12 15:06:15 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-12 15:06:15 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-10 23:59:48 ----D---- C:\ProgramData\Readon
2011-10-09 22:27:55 ----D---- C:\ProgramData\SplitMediaLabs
2011-10-09 22:27:22 ----D---- C:\Users\GAME\AppData\Roaming\SplitMediaLabs
2011-10-09 22:11:01 ----D---- C:\Program Files (x86)\Readon Technology
2011-10-09 00:38:56 ----A---- C:\Windows\game.ini
2011-10-03 15:54:22 ----D---- C:\ProgramData\Solidshield
2011-10-02 21:25:55 ----D---- C:\Program Files (x86)\CodiGirls KM
2011-10-02 21:25:55 ----A---- C:\Windows\SYSWOW64\utilhlps.exe
2011-09-30 20:48:17 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2011-09-30 20:48:16 ----D---- C:\Program Files (x86)\Intel
2011-09-30 20:48:02 ----D---- C:\Intel
2011-09-30 20:30:32 ----N---- C:\Windows\SYSWOW64\Sens_oal.dll
2011-09-30 19:54:34 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-09-30 19:54:34 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2011-09-30 19:54:34 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2011-09-30 19:54:34 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2011-09-30 19:54:34 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2011-09-30 19:54:34 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2011-09-30 19:54:34 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2011-09-30 19:54:34 ----A---- C:\Windows\system32\OpenCL.dll
2011-09-30 19:54:34 ----A---- C:\Windows\system32\nvoglv64.dll
2011-09-30 19:54:34 ----A---- C:\Windows\system32\nvgenco64.dll
2011-09-30 19:54:34 ----A---- C:\Windows\system32\nvdispco64.dll
2011-09-30 19:54:34 ----A---- C:\Windows\system32\nvd3dumx.dll
2011-09-30 19:54:34 ----A---- C:\Windows\system32\nvcuvid.dll
2011-09-30 19:54:34 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-09-30 19:54:34 ----A---- C:\Windows\system32\nvcuda.dll
2011-09-30 19:54:34 ----A---- C:\Windows\system32\nvcompiler.dll
2011-09-30 19:54:34 ----A---- C:\Windows\system32\nvapi64.dll
2011-09-30 19:54:34 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-09-30 19:39:26 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2011-09-30 19:21:11 ----D---- C:\Users\GAME\AppData\Roaming\com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1
2011-09-30 18:27:14 ----D---- C:\Users\GAME\AppData\Roaming\Origin
2011-09-30 18:24:52 ----D---- C:\ProgramData\Origin
2011-09-30 18:24:52 ----D---- C:\Program Files (x86)\Origin Games
2011-09-30 18:24:38 ----D---- C:\Program Files (x86)\Origin

======List of files/folders modified in the last 1 month======

2011-10-29 22:06:59 ----D---- C:\Windows\Temp
2011-10-29 22:06:37 ----D---- C:\Users\GAME\AppData\Roaming\uTorrent
2011-10-29 22:05:03 ----D---- C:\Users\GAME\AppData\Roaming\Skype
2011-10-29 21:54:38 ----D---- C:\Program Files (x86)\Steam
2011-10-29 21:52:51 ----D---- C:\ProgramData\NVIDIA
2011-10-29 21:17:35 ----SHD---- C:\Windows\Installer
2011-10-29 21:16:55 ----D---- C:\Windows\system32\drivers
2011-10-29 21:16:53 ----D---- C:\Windows\inf
2011-10-29 21:16:51 ----D---- C:\Windows\system32\DriverStore
2011-10-29 21:16:51 ----D---- C:\Windows\system32\catroot
2011-10-29 21:15:35 ----D---- C:\Config.Msi
2011-10-29 21:09:30 ----D---- C:\Windows\system32\config
2011-10-29 20:54:30 ----RD---- C:\Program Files
2011-10-29 20:54:30 ----D---- C:\ProgramData
2011-10-29 20:51:01 ----D---- C:\Windows\system32\Tasks
2011-10-29 20:36:17 ----D---- C:\ProgramData\PageshotsPro
2011-10-29 18:02:27 ----D---- C:\Windows\SYSWOW64\drivers
2011-10-29 17:47:21 ----D---- C:\Windows
2011-10-29 17:47:20 ----A---- C:\Windows\system.ini
2011-10-29 17:47:15 ----D---- C:\Windows\system32\drivers\etc
2011-10-29 17:46:36 ----RD---- C:\Program Files (x86)
2011-10-29 17:44:49 ----D---- C:\Windows\SysWOW64
2011-10-29 17:42:03 ----D---- C:\Windows\System32
2011-10-29 17:42:03 ----D---- C:\Windows\AppPatch
2011-10-29 17:42:01 ----D---- C:\Program Files\Common Files
2011-10-29 17:42:01 ----D---- C:\Program Files (x86)\Common Files
2011-10-29 17:32:20 ----SHD---- C:\System Volume Information
2011-10-29 17:30:55 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2011-10-29 12:51:58 ----D---- C:\Windows\Tasks
2011-10-29 11:20:44 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-10-29 01:14:57 ----D---- C:\Users\GAME\AppData\Roaming\FileZilla
2011-10-28 23:53:26 ----D---- C:\Windows\SYSWOW64\directx
2011-10-28 16:53:58 ----SD---- C:\Users\GAME\AppData\Roaming\Microsoft
2011-10-28 16:46:17 ----D---- C:\Program Files (x86)\Codemasters
2011-10-28 03:07:18 ----D---- C:\Program Files (x86)\Google
2011-10-28 03:04:41 ----D---- C:\Windows\Prefetch
2011-10-28 03:03:54 ----D---- C:\Program Files (x86)\Activision
2011-10-28 03:03:13 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-10-28 03:02:54 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-10-28 02:55:00 ----RSD---- C:\Windows\assembly
2011-10-28 02:47:28 ----D---- C:\Windows\Logs
2011-10-27 05:12:03 ----D---- C:\Users\GAME\AppData\Roaming\DAEMON Tools Lite
2011-10-27 03:05:41 ----D---- C:\Windows\winsxs
2011-10-26 19:41:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-26 17:27:09 ----D---- C:\Users\GAME\AppData\Roaming\QipGuard
2011-10-26 17:27:06 ----D---- C:\Program Files (x86)\QIP 2012
2011-10-25 22:10:28 ----D---- C:\Users\GAME\AppData\Roaming\Winamp
2011-10-24 21:21:45 ----D---- C:\Program Files (x86)\Electronic Arts
2011-10-24 21:19:27 ----D---- C:\Windows\system32\catroot2
2011-10-24 19:22:32 ----D---- C:\Program Files (x86)\SQLyog Community
2011-10-24 19:21:53 ----AD---- C:\ProgramData\TEMP
2011-10-24 19:18:22 ----D---- C:\Windows\system32\NDF
2011-10-24 19:02:51 ----D---- C:\Windows\SYSWOW64\migwiz
2011-10-24 19:02:51 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-10-24 19:02:51 ----D---- C:\Program Files (x86)\Windows Media Player
2011-10-24 19:02:50 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-24 19:00:26 ----D---- C:\Windows\system32\cs-CZ
2011-10-24 18:49:00 ----D---- C:\Windows\Cursors
2011-10-24 17:28:08 ----D---- C:\Program Files (x86)\Java
2011-10-23 22:29:09 ----D---- C:\Users\GAME\AppData\Roaming\QIP
2011-10-23 21:44:25 ----D---- C:\Windows\Panther
2011-10-23 21:44:24 ----D---- C:\Windows\debug
2011-10-23 21:44:23 ----D---- C:\Windows\Minidump
2011-10-22 22:27:43 ----D---- C:\Program Files (x86)\Ubisoft
2011-10-20 23:20:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-19 23:02:56 ----D---- C:\ProgramData\PMB Files
2011-10-17 03:17:49 ----D---- C:\Users\GAME\AppData\Roaming\TeamViewer
2011-10-17 02:11:06 ----D---- C:\Program Files (x86)\TeamViewer
2011-10-14 01:28:43 ----D---- C:\Windows\Microsoft.NET
2011-10-12 21:18:52 ----D---- C:\Users\GAME\AppData\Roaming\NVIDIA
2011-10-12 20:22:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-12 19:28:48 ----D---- C:\Windows\SYSWOW64\migration
2011-10-12 19:28:48 ----D---- C:\Windows\system32\migration
2011-10-12 19:28:48 ----D---- C:\Windows\ehome
2011-10-12 19:28:48 ----D---- C:\Program Files\Internet Explorer
2011-10-12 15:23:47 ----A---- C:\Windows\system32\MRT.exe
2011-10-12 15:19:36 ----D---- C:\ProgramData\Microsoft Help
2011-10-11 22:59:35 ----D---- C:\Users\GAME\AppData\Roaming\Xfire
2011-10-11 22:59:34 ----D---- C:\ProgramData\Xfire
2011-10-11 00:02:19 ----D---- C:\Users\GAME\AppData\Roaming\vlc
2011-10-08 22:29:16 ----D---- C:\ProgramData\Creative
2011-10-08 22:08:36 ----D---- C:\Program Files\NVIDIA Corporation
2011-10-03 05:06:03 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2011-10-03 00:24:59 ----D---- C:\Program Files\CCleaner
2011-10-02 00:56:57 ----D---- C:\Program Files (x86)\Screaming Bee
2011-10-02 00:52:16 ----D---- C:\Program Files (x86)\NCH Swift Sound
2011-10-02 00:48:05 ----D---- C:\Program Files (x86)\Dyyno
2011-10-02 00:47:45 ----D---- C:\Users\GAME\AppData\Roaming\RayV
2011-10-01 21:03:20 ----D---- C:\ProgramData\Norton
2011-10-01 11:42:55 ----D---- C:\Windows\Downloaded Program Files
2011-09-30 20:47:20 ----D---- C:\Windows\RaidTool
2011-09-30 20:30:12 ----HD---- C:\Program Files (x86)\Creative Installation Information
2011-09-30 20:30:05 ----D---- C:\Program Files\Creative
2011-09-30 19:06:44 ----D---- C:\ProgramData\Electronic Arts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2011-05-19 120920]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-02 254528]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 25416]
R3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2011-10-24 19952]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
R3 t3;Sound Blaster X-Fi Xtreme Audio; C:\Windows\system32\drivers\t3.sys [2009-06-04 639512]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
S3 Cardex;Cardex; \??\C:\Windows\SysWOW64\drivers\TBPANELX64.SYS []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\safedrv.sys []
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-10-20 33344]
S3 MSIGreenPower;MSIGreenPower; \??\C:\Program Files (x86)\MSI\DualCoreCenter\Green Power Center\NTGLM7X64.sys []
S3 MSIGreenPowerRushTop;MSIGreenPowerRushTop; \??\C:\Program Files (x86)\MSI\DualCoreCenter\Green Power Center\RushTop64.sys []
S3 NTACCESS;NTACCESS; \??\F:\NTACCESS_64.sys []
S3 PSSDK42;PSSDK42; \??\C:\Windows\system32\Drivers\pssdk42.sys [2010-10-16 53312]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-01-22 174368]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-01-22 38944]
S3 RushTopDevice_J;RushTopDevice_J; \??\C:\Program Files (x86)\MSI\DualCoreCenter\Green Power Center\RushJ64.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2009-12-01 38992]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\F:\NTGLM7X.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-04-30 425984]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-22 974944]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-08-03 980072]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-10-28 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-10-28 189248]
R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2011-10-26 191440]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-08-03 379496]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-09-03 173352]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-05-17 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-05-17 79360]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-17 1045256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-10-12 419624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 MSUtilHelpSvc;Utility Helper Service; C:\Windows\SysWOW64\utilhlps.exe [2011-10-02 807424]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------

#17 Post by chodnik74 »

Are you kidding me with that illegal ESET? I clean up your computer here and you go and put an illegal ESET on it...? :evil: The point is that illegal programs are the biggest source of malware and of problems in general, and on top of that you are breaking the forum rules and the law :twisted:

Forum rules: no. 1 and no. 2, no. 3

I suggest Avast :) And we will finish cleaning the computer of the tools that were used and also try to speed it up... what do you say?

#18 Post by Andyfuk »

Well, I'm not against speeding it up at all; I uninstalled ESET and installed Avast :)

#19 Příspěvek od chodnik74 »

Dobře...



:arrow: Download the OTL program to the Desktop
  • Run the file OTL.exe (if you have Windows Vista or Windows 7, right-click the file and choose "Run as administrator")
  • If you use a 64-bit system, tick the option For 64-bit OS; if not, it should be unticked
  • Tick the boxes For all users, "LOP" malware check, "Purity" malware check
  • Change the file age from 30 days to 7 days
  • Paste the following script into the bottom box Custom scans/fixes:

    netsvcs
    safebootminimal 
    safebootnetwork
    drivers32
    savembr:0
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    /md5start
    scecli.dll
    autochk.exe
    csrss.exe
    explorer.exe
    lsass.exe
    services.exe
    smss.exe
    spoolsv.exe
    svchost.exe
    userinit.exe
    winlogon.exe
    atapi.sys
    cdrom.sys 
    ndis.sys
    ntfs.sys
    tcpip.sys
    %SystemDrive%\PhysicalMBR.bin
    /md5stop
    C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
    %systemroot%\system32\drivers\*.sys /5
    %systemroot%\system32\drivers\*.sys /X 
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.* /5
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\config\*.sav 
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\*.* /U /s
    %systemroot%\*. /mp /s
    %ALLUSERSPROFILE%\Data Aplikací\*.*
    %ALLUSERSPROFILE%\Data Aplikací\*.exe /s
    %ALLUSERSPROFILE%\Dáta aplikácií\*.*
    %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
    %APPDATA%\*.
    *crack* /s
    *keygen* /s
    *nocd* /s
    *nodvd* /s
    *AutoKMS* /s
    *AutoRearm* /s
    *Loader* /s
    *w7lxe* /s
    *Legalizator* /s
    *GenuineXP* /s
    *minodlogin* /s
    serial.txt /s
    %APPDATA%\*.*
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
    reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
    type c:\boot.ini >> test.txt /c
    %SystemDrive%\PhysicalMBR.bin /md5
    
  • Click the Scan button
  • After the scan finishes, which takes 5-15 minutes, two logs will be displayed, OTL.txt and Extras.txt; paste them here for me

Andyfuk
Visitor
Posts: 65
Registered: 29 Oct 2011 11:02

Re: Facebook - Flash Player (Win32/Delf.QCZ)

#20 Post by Andyfuk »

OTL.txt -

OTL logfile created on: 30.10.2011 18:20:54 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\GAME\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 58,89% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,23 Gb Total Space | 126,33 Gb Free Space | 28,50% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 78,98 Mb Free Space | 78,99% Space Free | Partition Type: NTFS
Drive E: | 488,18 Gb Total Space | 438,21 Gb Free Space | 89,76% Space Free | Partition Type: NTFS

Computer Name: GAME-PC | User Name: GAME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.10.30 18:18:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\GAME\Desktop\OTL.exe
PRC - [2011.10.26 23:22:50 | 007,110,096 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2012\qip.exe
PRC - [2011.10.26 23:22:42 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\GAME\AppData\Roaming\QipGuard\QipGuard.exe
PRC - [2011.09.22 20:27:44 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.08.31 16:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.03.29 15:09:03 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2007.02.28 17:50:50 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe


========== Modules (No Company Name) ==========

MOD - [2011.10.26 23:23:32 | 000,058,832 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\Win7Helper\Win7Helper.dll
MOD - [2011.10.26 23:23:30 | 000,057,808 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\cards\cards.dll
MOD - [2011.10.26 23:23:18 | 000,907,728 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\Social\Social.dll
MOD - [2011.10.26 23:23:12 | 001,658,320 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\mra.dll
MOD - [2011.10.26 23:23:12 | 000,049,104 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\pics.dll
MOD - [2011.10.26 23:23:04 | 002,541,008 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\InfICQ\inficq.dll
MOD - [2011.10.26 23:22:56 | 000,103,888 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Core\WebWindow.dll
MOD - [2011.10.26 23:22:54 | 004,660,176 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Core\voip.dll
MOD - [2011.10.26 23:22:38 | 000,185,296 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\QipGuard\chrome.dll
MOD - [2011.10.12 20:28:36 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011.10.12 20:28:33 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011.10.12 20:28:31 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011.10.12 20:28:29 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011.10.12 20:28:27 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011.06.06 06:28:57 | 000,329,272 | ---- | M] () -- C:\Users\GAME\AppData\Local\Google\Chrome\Application\12.0.742.91\ppgooglenaclpluginchrome.dll
MOD - [2011.06.06 06:28:56 | 003,649,592 | ---- | M] () -- C:\Users\GAME\AppData\Local\Google\Chrome\Application\12.0.742.91\pdf.dll
MOD - [2011.06.06 06:27:29 | 000,104,520 | ---- | M] () -- C:\Users\GAME\AppData\Local\Google\Chrome\Application\12.0.742.91\avutil-50.dll
MOD - [2011.06.06 06:27:27 | 000,203,848 | ---- | M] () -- C:\Users\GAME\AppData\Local\Google\Chrome\Application\12.0.742.91\avformat-52.dll
MOD - [2011.06.06 06:27:26 | 001,846,344 | ---- | M] () -- C:\Users\GAME\AppData\Local\Google\Chrome\Application\12.0.742.91\avcodec-52.dll
MOD - [2011.06.06 04:26:04 | 006,333,088 | ---- | M] () -- C:\Users\GAME\AppData\Local\Google\Chrome\Application\12.0.742.91\gcswf32.dll
MOD - [2011.04.09 23:59:38 | 002,273,280 | ---- | M] () -- C:\Program Files (x86)\Skype\Phone\dsound.dll
MOD - [2011.03.27 21:11:04 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2010.06.10 14:08:08 | 000,323,536 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\smssend\smssend.dll
MOD - [2009.03.26 13:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009.03.17 10:39:46 | 000,148,992 | ---- | M] () -- C:\Windows\SysWOW64\OemSpiE.dll
MOD - [2009.02.06 17:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008.07.29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2011.10.28 02:03:13 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011.10.28 02:02:54 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.10.26 23:22:42 | 000,191,440 | ---- | M] (QIP.ru) [Auto | Running] -- C:\Program Files (x86)\QipGuard\QipGuard.exe -- (QipGuard)
SRV - [2011.10.12 20:28:36 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.10.02 20:26:02 | 000,807,424 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\utilhlps.exe -- (MSUtilHelpSvc)
SRV - [2011.08.31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.30 17:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.08.03 12:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.08.03 02:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.05.17 22:32:13 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011.05.17 21:38:33 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.11.17 14:26:09 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.09.03 14:07:46 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.04.30 09:35:20 | 000,425,984 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.09.06 22:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.09.06 22:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.09.06 22:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.09.06 22:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.09.06 22:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.09.06 22:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.08.31 16:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.05.19 14:55:34 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2011.05.16 21:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.02 20:13:23 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.20 15:27:18 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010.10.15 23:19:47 | 000,053,312 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pssdk42.sys -- (PSSDK42)
DRV:64bit: - [2010.04.12 09:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2010.01.22 09:28:24 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2010.01.22 09:28:22 | 000,174,368 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2009.12.01 14:49:52 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009.09.16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 02:22:40 | 000,639,512 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\t3.sys -- (t3)
DRV:64bit: - [2008.12.26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV - [2011.10.24 17:50:15 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


Andyfuk
Visitor
Posts: 65
Registered: 29 Oct 2011 11:02

Re: Facebook - Flash Player (Win32/Delf.QCZ)

#21 Post by Andyfuk »

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found



IE - HKU\.DEFAULT\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\GAME\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\GAME\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 74 6F 90 EB FC CA 01 [binary data]
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.Google.com/
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\GAME\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://qip.ru [binary data]
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/lionskin/{A56 ... C77FF2530A}
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 74 6F 90 EB FC CA 01 [binary data]
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.Google.com/
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\GAME\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {51a86bb3-6602-4c85-92a5-130ee4864f13}:3.1.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.4.0024
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.8
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: {c2db4fe6-8409-45ce-8010-189a7b5cce86}:3.5.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..browser.startup.homepage: "http://qip.ru"
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="


FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\GAME\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.06.26 02:39:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.10.30 14:47:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.09.07 15:15:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.07 15:15:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.09.07 15:15:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.07 15:15:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2010.10.04 22:19:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GAME\AppData\Roaming\Mozilla\Extensions
[2011.10.29 16:44:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\extensions
[2010.12.27 13:08:57 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2010.10.05 19:28:37 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2011.04.19 21:57:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\extensions\plugin3@gameplaylabs.com
[2011.08.01 21:41:12 | 000,000,909 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\conduit.xml
[2011.04.02 20:13:08 | 000,002,059 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\daemon-search.xml
[2011.10.21 13:22:42 | 000,000,950 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\icqplugin-1.xml
[2011.03.25 15:10:29 | 000,000,950 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\icqplugin-2.xml
[2011.04.01 01:00:28 | 000,000,950 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\icqplugin-3.xml
[2011.04.03 16:25:17 | 000,000,950 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\icqplugin-4.xml
[2011.06.11 14:14:20 | 000,000,950 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\icqplugin-5.xml
[2011.08.06 01:53:13 | 000,000,950 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\icqplugin-6.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\icqplugin.xml
[2011.10.30 15:17:12 | 000,002,062 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\qip-search.xml
[2011.06.26 14:45:36 | 000,002,382 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\searchplugins\search.xml
[2011.10.29 05:16:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.06.09 15:03:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.04 10:07:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.05 15:08:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.08 16:09:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.15 13:54:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.20 16:34:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.10.24 16:28:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.06.26 02:39:43 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
File not found (No name found) -- C:\USERS\GAME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V0PRSBUK.DEFAULT\EXTENSIONS\{51A86BB3-6602-4C85-92A5-130EE4864F13}
File not found (No name found) -- C:\USERS\GAME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V0PRSBUK.DEFAULT\EXTENSIONS\{75656794-AB59-4712-BFBC-5D816D56F3BC}
File not found (No name found) -- C:\USERS\GAME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V0PRSBUK.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\GAME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V0PRSBUK.DEFAULT\EXTENSIONS\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}
File not found (No name found) -- C:\USERS\GAME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V0PRSBUK.DEFAULT\EXTENSIONS\DTTOOLBAR@TOOLBARNET.COM
File not found (No name found) -- C:\USERS\GAME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V0PRSBUK.DEFAULT\EXTENSIONS\VSHARE@TOOLBAR
[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.03.26 06:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2011.09.23 22:54:43 | 000,002,050 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchdesktop.xml
[2011.03.27 21:11:15 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.27 21:11:15 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2011.03.27 21:11:15 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.03.27 21:11:15 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.03.27 21:11:15 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

Andyfuk
Visitor
Posts: 65
Registered: 29 Oct 2011 11:02

Re: Facebook - Flash Player (Win32/Delf.QCZ)

#22 Post by Andyfuk »

========== Chrome ==========

CHR - default_search_provider: Search (Enabled)
CHR - default_search_provider: search_url = http://www.bigseekpro.com/search/toolba ... earchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\GAME\AppData\Local\Google\Chrome\Application\12.0.742.91\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Chrome NaCl (Disabled) = C:\Users\GAME\AppData\Local\Google\Chrome\Application\12.0.742.91\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\GAME\AppData\Local\Google\Chrome\Application\12.0.742.91\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RayV Plugin (Enabled) = C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: XfireXO = C:\Users\GAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbpbcpokffodhpcdjaoopolhdlbconi\2.3.0.15_0\
CHR - Extension: avast! WebRep = C:\Users\GAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\
CHR - Extension: Skin Pack = C:\Users\GAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo\1.0.0\
CHR - Extension: DivX Plus Web Player HTML5 video = C:\Users\GAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\

O1 HOSTS File: ([2011.10.30 00:15:08 | 000,000,153 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mp02.maniaplanet.com
O1 - Hosts: 127.0.0.1 mp01.maniaplanet.com
O1 - Hosts: 127.0.0.1 mp03.maniaplanet.com
O1 - Hosts: 127.0.0.1 game.maniaplanet.com
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\GAME\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [RivaTuner] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SPIRunE] C:\Windows\SysWow64\SpiRunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-4285535737-698878448-3188201288-1001..\Run: [QIP Internet Guardian] C:\Users\GAME\AppData\Roaming\QipGuard\QipGuard.exe (QIP.ru)
O4 - HKU\S-1-5-21-4285535737-698878448-3188201288-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-4285535737-698878448-3188201288-1010..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4285535737-698878448-3188201288-1010..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4285535737-698878448-3188201288-1010..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-4285535737-698878448-3188201288-1010..\RunOnce: [InetReg] C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-4285535737-698878448-3188201288-1010..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\..Trusted Domains: internet ([]about in Local intranet)
O15 - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\..Trusted Domains: facebook.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\..Trusted Domains: internet ([]about in Local intranet)
O15 - HKU\S-1-5-21-4285535737-698878448-3188201288-1010\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.co ... 1.71.0.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/stati ... 0.26.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9D0F090-26F2-4309-8174-6A41D5568129}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\vsharechrome - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\vsharechrome - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\...com [@ = ComFile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-4285535737-698878448-3188201288-1001\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SafeBootMin:64bit: 78892507.sys - Driver
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: 78892507.sys - Driver
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: 78892507.sys - Driver
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: 78892507.sys - Driver
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

Andyfuk
Visitor
Posts: 65
Registered: 29 Oct 2011 11:02

Re: Facebook - Flash Player (Win32/Delf.QCZ)

#23 Post by Andyfuk »

========== Files/Folders - Created Within 7 Days ==========

[2011.10.30 18:18:40 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\GAME\Desktop\OTL.exe
[2011.10.30 14:48:00 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.10.30 14:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.10.30 14:47:59 | 000,301,912 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.10.30 14:47:54 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.10.30 14:47:53 | 000,058,200 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.10.30 14:47:51 | 000,601,944 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.10.30 14:47:44 | 000,065,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.10.30 14:47:43 | 000,254,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.10.30 14:47:01 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.10.30 14:47:00 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.10.30 14:46:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011.10.30 14:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.10.29 19:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011.10.29 19:54:30 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.10.29 17:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2011.10.29 17:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2011.10.29 17:02:27 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.10.29 16:47:18 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011.10.29 12:43:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.29 12:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.10.29 11:35:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.10.29 11:35:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.10.29 11:35:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.10.29 11:35:03 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.10.29 11:34:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.10.29 11:33:25 | 004,277,063 | R--- | C] (Swearware) -- C:\Users\GAME\Desktop\ComboFix.exe
[2011.10.29 11:22:36 | 000,000,000 | ---D | C] -- C:\Users\GAME\Desktop\RK_Quarantine
[2011.10.29 11:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.10.29 11:04:24 | 000,000,000 | ---D | C] -- C:\rsit
[2011.10.28 22:58:28 | 000,000,000 | ---D | C] -- C:\Users\GAME\Documents\Arktos
[2011.10.28 22:58:28 | 000,000,000 | ---D | C] -- C:\Users\GAME\AppData\Local\Arktos
[2011.10.28 21:22:07 | 000,000,000 | ---D | C] -- C:\Users\GAME\AppData\Local\Chromium
[2011.10.28 16:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ
[2011.10.26 17:19:44 | 000,000,000 | ---D | C] -- C:\Users\GAME\AppData\Local\Facebook
[2011.10.26 16:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011.10.24 20:53:22 | 000,000,000 | ---D | C] -- C:\Users\GAME\AppData\Local\Criterion Games
[2011.10.24 17:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skin Pack
[2011.10.24 17:49:00 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2011.10.24 17:48:59 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\telephon.cpl
[2011.10.24 17:48:57 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2011.10.24 17:48:55 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\main.cpl
[2011.10.24 17:48:54 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\intl.cpl
[2011.10.24 17:48:50 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.10.24 17:48:48 | 003,405,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsrchvw.exe
[2011.10.24 17:48:40 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2011.10.24 17:48:39 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011.10.24 17:48:38 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msra.exe
[2011.10.24 17:48:36 | 006,376,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspaint.exe
[2011.10.24 17:48:33 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2011.10.24 17:48:33 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mobsync.exe
[2011.10.24 17:48:31 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Magnify.exe
[2011.10.24 17:48:29 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.10.24 17:48:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2011.10.24 17:48:26 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfrgui.exe
[2011.10.24 17:48:26 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DisplaySwitch.exe
[2011.10.24 17:48:25 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\control.exe
[2011.10.24 17:48:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\colorcpl.exe
[2011.10.24 17:48:24 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cleanmgr.exe
[2011.10.24 17:48:21 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\calc.exe
[2011.10.24 17:48:21 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\charmap.exe
[2011.10.24 17:48:19 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2011.10.24 17:48:19 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe
[2011.10.24 17:48:17 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2011.10.24 17:48:17 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsecedit.dll
[2011.10.24 17:48:13 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2011.10.24 17:48:12 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vault.dll
[2011.10.24 17:48:11 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2011.10.24 17:48:10 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2011.10.24 17:48:09 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2011.10.24 17:48:08 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2011.10.24 17:48:07 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2011.10.24 17:48:06 | 000,000,000 | ---D | C] -- C:\Users\GAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2011.10.24 17:47:44 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsCpl.dll
[2011.10.24 17:47:37 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2011.10.24 17:47:36 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pmcsnap.dll
[2011.10.24 17:47:35 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2011.10.24 17:47:34 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OobeFldr.dll
[2011.10.24 17:47:33 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcint.dll
[2011.10.24 17:47:24 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2011.10.24 17:47:23 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mycomput.dll
[2011.10.24 17:47:21 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsicpl.dll
[2011.10.24 17:47:21 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\miguiresource.dll
[2011.10.24 17:46:59 | 020,268,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imageres.dll
[2011.10.24 17:46:50 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2011.10.24 17:46:50 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2011.10.24 17:46:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2011.10.24 17:46:49 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FirewallControlPanel.dll
[2011.10.24 17:46:49 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\filemgmt.dll
[2011.10.24 17:46:48 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011.10.24 17:46:48 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2011.10.24 17:46:47 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceCenter.dll
[2011.10.24 17:46:47 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devmgr.dll
[2011.10.24 17:46:35 | 006,278,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DDORes.dll
[2011.10.24 17:46:34 | 001,297,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comres.dll
[2011.10.24 17:46:33 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthFWGP.dll
[2011.10.24 17:46:33 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2011.10.24 17:46:32 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2011.10.24 17:46:32 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll
[2011.10.24 17:46:24 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll
[2011.10.24 17:46:23 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2011.10.24 17:46:22 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mydocs.dll
[2011.10.24 17:46:21 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll
[2011.10.24 17:46:15 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2011.10.24 17:46:15 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2011.10.24 17:46:14 | 009,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmres.dll
[2011.10.24 17:46:13 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imagesp1.dll
[2011.10.24 17:46:11 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll.backup
[2011.10.24 17:46:11 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll
[2011.10.24 17:23:22 | 000,000,000 | ---D | C] -- C:\Users\GAME\AppData\Roaming\AIMP3
[2011.10.24 17:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
[2011.10.24 17:23:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIMP3
[2011.10.24 16:28:19 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.10.24 16:28:19 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.10.24 16:28:19 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[16 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.10.30 18:25:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.30 18:18:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\GAME\Desktop\OTL.exe
[2011.10.30 16:57:23 | 000,175,371 | ---- | M] () -- C:\Users\GAME\Desktop\WoWScrnShot_103011_165447.jpg
[2011.10.30 15:18:20 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.30 15:18:20 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.30 15:17:06 | 000,001,054 | ---- | M] () -- C:\Users\GAME\Desktop\QIP 2012.lnk
[2011.10.30 15:16:45 | 001,799,836 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.30 15:16:45 | 000,746,318 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.10.30 15:16:45 | 000,730,552 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.30 15:16:45 | 000,172,250 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.10.30 15:16:45 | 000,151,772 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.30 15:11:18 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.10.30 15:09:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.30 15:07:37 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.30 14:56:53 | 000,049,371 | ---- | M] () -- C:\Windows\SysWow64\epfwdata.bin
[2011.10.30 14:48:00 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.10.30 14:47:44 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.10.30 00:41:16 | 000,679,505 | ---- | M] () -- C:\Users\GAME\Desktop\Bez názvu.png
[2011.10.30 00:15:08 | 000,000,153 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.10.30 00:09:18 | 000,779,014 | ---- | M] () -- C:\Users\GAME\Desktop\lalalaaaaaaaaa.jpg
[2011.10.29 22:36:35 | 000,000,632 | ---- | M] () -- C:\Users\GAME\Desktop\!.gif
[2011.10.29 22:36:25 | 000,001,018 | ---- | M] () -- C:\Users\GAME\Desktop\prst.gif
[2011.10.29 21:04:15 | 000,001,172 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizovat ESET licenci.lnk
[2011.10.29 21:04:15 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Průzkumník licencí MiNODLogin.lnk
[2011.10.29 21:04:14 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Aktualizovat ESET licenci.lnk
[2011.10.29 18:25:23 | 000,328,518 | ---- | M] () -- C:\Users\GAME\Desktop\WoWScrnShot_102811_212112.jpg
[2011.10.29 17:38:29 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011.10.29 17:02:27 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.10.29 12:43:33 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.29 11:33:32 | 004,277,063 | R--- | M] (Swearware) -- C:\Users\GAME\Desktop\ComboFix.exe
[2011.10.29 11:23:31 | 000,013,748 | ---- | M] () -- C:\Users\GAME\Desktop\105.gif
[2011.10.29 11:17:20 | 000,003,885 | ---- | M] () -- C:\Users\GAME\Desktop\771.jpg
[2011.10.29 10:52:46 | 000,013,162 | ---- | M] () -- C:\Users\GAME\Desktop\IMG_29102011_115145.png
[2011.10.29 03:03:00 | 000,701,331 | ---- | M] () -- C:\Users\GAME\Desktop\laskjfh.jpg
[2011.10.29 00:13:48 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011.10.29 00:13:48 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011.10.29 00:10:17 | 001,447,980 | ---- | M] () -- C:\Users\GAME\Desktop\lol.png
[2011.10.28 22:17:29 | 000,000,198 | ---- | M] () -- C:\Users\GAME\Desktop\Rise of Immortals.url
[2011.10.28 21:12:45 | 000,000,220 | ---- | M] () -- C:\Users\GAME\Desktop\Bloodline Champions.url
[2011.10.28 15:54:06 | 000,043,317 | ---- | M] () -- C:\Users\GAME\Desktop\lol.jpg
[2011.10.28 02:03:13 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.28 02:03:00 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.10.28 02:02:54 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.26 21:34:56 | 000,721,610 | ---- | M] () -- C:\Users\GAME\Desktop\MyButterFly.jpg
[2011.10.24 17:49:20 | 000,001,047 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YzShadow.lnk
[2011.10.24 17:49:20 | 000,001,047 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UberIcon.lnk
[2011.10.24 17:49:19 | 000,001,067 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk
[2011.10.24 17:23:22 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2011.10.23 19:53:09 | 000,000,218 | ---- | M] () -- C:\Users\GAME\Desktop\Counter-Strike.url
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[16 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.10.30 18:25:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.30 16:56:57 | 000,175,371 | ---- | C] () -- C:\Users\GAME\Desktop\WoWScrnShot_103011_165447.jpg
[2011.10.30 14:48:00 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.10.30 14:47:44 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011.10.30 14:46:20 | 000,049,371 | ---- | C] () -- C:\Windows\SysWow64\epfwdata.bin
[2011.10.30 00:40:25 | 000,679,505 | ---- | C] () -- C:\Users\GAME\Desktop\Bez názvu.png
[2011.10.30 00:06:53 | 000,779,014 | ---- | C] () -- C:\Users\GAME\Desktop\lalalaaaaaaaaa.jpg
[2011.10.29 22:36:41 | 000,000,632 | ---- | C] () -- C:\Users\GAME\Desktop\!.gif
[2011.10.29 22:36:31 | 000,001,018 | ---- | C] () -- C:\Users\GAME\Desktop\prst.gif
[2011.10.29 21:04:15 | 000,001,172 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizovat ESET licenci.lnk
[2011.10.29 21:04:14 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Aktualizovat ESET licenci.lnk
[2011.10.29 18:24:34 | 000,328,518 | ---- | C] () -- C:\Users\GAME\Desktop\WoWScrnShot_102811_212112.jpg
[2011.10.29 17:38:29 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011.10.29 12:43:33 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.29 11:35:10 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.10.29 11:35:10 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.10.29 11:35:10 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.10.29 11:35:10 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.10.29 11:35:10 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.10.29 11:23:33 | 000,013,748 | ---- | C] () -- C:\Users\GAME\Desktop\105.gif
[2011.10.29 11:17:23 | 000,003,885 | ---- | C] () -- C:\Users\GAME\Desktop\771.jpg
[2011.10.29 10:52:45 | 000,013,162 | ---- | C] () -- C:\Users\GAME\Desktop\IMG_29102011_115145.png
[2011.10.29 03:02:24 | 000,701,331 | ---- | C] () -- C:\Users\GAME\Desktop\laskjfh.jpg
[2011.10.29 00:11:47 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011.10.29 00:11:47 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011.10.29 00:10:17 | 001,447,980 | ---- | C] () -- C:\Users\GAME\Desktop\lol.png
[2011.10.28 22:17:29 | 000,000,198 | ---- | C] () -- C:\Users\GAME\Desktop\Rise of Immortals.url
[2011.10.28 21:12:45 | 000,000,220 | ---- | C] () -- C:\Users\GAME\Desktop\Bloodline Champions.url
[2011.10.28 15:54:06 | 000,043,317 | ---- | C] () -- C:\Users\GAME\Desktop\lol.jpg
[2011.10.28 01:14:40 | 002,580,552 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.10.26 21:34:48 | 000,721,610 | ---- | C] () -- C:\Users\GAME\Desktop\MyButterFly.jpg
[2011.10.24 17:49:20 | 000,001,047 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YzShadow.lnk
[2011.10.24 17:49:20 | 000,001,047 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UberIcon.lnk
[2011.10.24 17:49:19 | 000,001,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk
[2011.10.24 17:23:22 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2011.10.23 19:53:09 | 000,000,218 | ---- | C] () -- C:\Users\GAME\Desktop\Counter-Strike.url
[2011.10.19 19:12:23 | 000,036,892 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2011.10.08 23:38:56 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011.10.02 20:25:55 | 000,807,424 | ---- | C] () -- C:\Windows\SysWow64\utilhlps.exe
[2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.08.01 03:20:21 | 000,201,216 | ---- | C] () -- C:\Windows\SysWow64\mediarcpt.dll
[2011.07.09 03:54:15 | 001,073,152 | ---- | C] () -- C:\Windows\SysWow64\libmysql_c.dll
[2011.06.20 23:42:08 | 000,045,286 | ---- | C] () -- C:\Users\GAME\AppData\Roaming\room_v3.dat
[2011.05.29 14:39:45 | 000,004,505 | ---- | C] () -- C:\Windows\SysWow64\drivers\tihid.sys
[2011.05.28 19:00:49 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.05.28 19:00:44 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.17 21:37:01 | 000,001,436 | ---- | C] () -- C:\Windows\CfgHPSp.ini
[2011.05.17 21:37:01 | 000,001,434 | ---- | C] () -- C:\Windows\Cfg05Sp.ini
[2011.05.17 21:37:01 | 000,001,434 | ---- | C] () -- C:\Windows\Cfg04Sp.ini
[2011.05.17 21:37:01 | 000,000,932 | ---- | C] () -- C:\Windows\CfgHPHp.ini
[2011.05.17 21:37:01 | 000,000,932 | ---- | C] () -- C:\Windows\CfgHPDO.ini
[2011.05.17 21:37:01 | 000,000,932 | ---- | C] () -- C:\Windows\Cfg05DO.ini
[2011.05.17 21:37:01 | 000,000,932 | ---- | C] () -- C:\Windows\Cfg04DO.ini
[2011.05.17 21:37:01 | 000,000,930 | ---- | C] () -- C:\Windows\Cfg05Hp.ini
[2011.05.17 21:37:01 | 000,000,930 | ---- | C] () -- C:\Windows\Cfg04Hp.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPRMi.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPRLI.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPFMi.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPDI.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05RMi.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05RLI.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05FMi.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05DI.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04RMi.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04RLI.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04FMi.ini
[2011.05.17 21:37:01 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04DI.ini
[2011.04.16 17:51:16 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.26 17:29:45 | 000,000,017 | ---- | C] () -- C:\Users\GAME\AppData\Local\resmon.resmoncfg
[2011.01.28 14:47:25 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.01.28 14:47:25 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.11.29 20:20:44 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2010.10.22 21:32:53 | 000,004,096 | -H-- | C] () -- C:\Users\GAME\AppData\Local\keyfile3.drm
[2010.10.17 01:20:23 | 000,012,288 | ---- | C] () -- C:\Users\GAME\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.16 21:45:55 | 000,000,916 | ---- | C] () -- C:\Windows\ARPR.INI
[2010.10.16 21:35:50 | 000,001,044 | ---- | C] () -- C:\Windows\ARCHPR.INI
[2010.10.15 22:58:20 | 000,000,064 | ---- | C] () -- C:\Users\GAME\AppData\Roaming\System Uptime Full Plus_Settings.ini
[2010.10.09 22:21:40 | 000,000,114 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010.09.28 13:46:18 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2010.09.24 13:58:36 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2010.09.12 21:01:50 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.09.07 18:30:25 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2010.09.02 18:34:04 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.08.27 00:58:13 | 000,000,318 | ---- | C] () -- C:\Windows\WPE PRO - modified.INI
[2010.06.28 15:58:15 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2010.06.18 21:53:20 | 000,684,622 | ---- | C] () -- C:\Windows\unins000.exe
[2010.06.18 21:53:20 | 000,041,658 | ---- | C] () -- C:\Windows\unins000.dat
[2010.06.05 19:41:11 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.05.28 22:03:00 | 000,000,000 | ---- | C] () -- C:\Windows\WoWEmuHackSettings.ini
[2010.05.28 21:42:22 | 000,000,155 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.05.28 20:54:23 | 000,000,090 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.05.27 11:18:19 | 000,000,092 | ---- | C] () -- C:\Users\GAME\AppData\Local\fusioncache.dat
[2010.05.27 11:16:33 | 001,782,028 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.05.26 18:54:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.26 18:22:49 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.05.26 17:32:27 | 000,003,923 | ---- | C] () -- C:\Windows\SysWow64\AudioDrv.ini
[2010.05.26 17:31:06 | 000,148,992 | ---- | C] () -- C:\Windows\SysWow64\OemSpiE.dll
[2010.05.26 17:31:06 | 000,001,091 | ---- | C] () -- C:\Windows\Cfg03Sp.ini
[2010.05.26 17:31:06 | 000,001,091 | ---- | C] () -- C:\Windows\Cfg02Sp.ini
[2010.05.26 17:31:06 | 000,001,000 | ---- | C] () -- C:\Windows\Cfg01Sp.ini
[2010.05.26 17:31:06 | 000,000,818 | ---- | C] () -- C:\Windows\Cfg01APR.ini
[2010.05.26 17:31:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg03Hp.ini
[2010.05.26 17:31:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg03DO.ini
[2010.05.26 17:31:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg02Hp.ini
[2010.05.26 17:31:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg02DO.ini
[2010.05.26 17:31:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg01Hp.ini
[2010.05.26 17:31:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg01DO.ini
[2010.05.26 17:31:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03RMi.ini
[2010.05.26 17:31:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03RLI.ini
[2010.05.26 17:31:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03FMi.ini
[2010.05.26 17:31:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03DI.ini
[2010.05.26 17:31:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02RMi.ini
[2010.05.26 17:31:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02RLI.ini
[2010.05.26 17:31:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02FMi.ini
[2010.05.26 17:31:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02DI.ini
[2010.05.26 17:31:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01Mic.ini
[2010.05.26 17:31:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01LI.ini
[2010.05.26 17:31:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01DI.ini
[2010.02.08 07:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\SysWow64\vfprintpthelper.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[1998.10.22 22:46:00 | 000,047,104 | ---- | C] () -- C:\Windows\SysWow64\WH2ROBO.DLL


Re: Facebook - Flash Player (Win32/Delf.QCZ)

#24 Post by Andyfuk »

========== LOP Check ==========

[2011.02.25 18:56:20 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\.minecraft
[2011.04.03 23:13:04 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\ActiveState
[2011.10.29 17:39:21 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\AIMP3
[2010.10.15 23:12:07 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\App Launcher Gadget
[2010.11.17 14:47:34 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Autodesk
[2011.02.26 23:14:33 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Avnex
[2010.10.06 16:01:37 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\BlackBean
[2011.09.30 18:21:11 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1
[2011.10.27 04:12:03 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\DAEMON Tools Lite
[2010.05.26 17:25:55 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\ESET
[2011.09.27 20:17:33 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\esmska
[2011.10.30 18:06:25 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\FileZilla
[2010.09.06 14:43:11 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\FUEL
[2010.10.24 14:55:48 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\GetRightToGo
[2010.11.12 20:28:51 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\GHISLER
[2010.10.09 22:42:18 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\GlarySoft
[2011.09.11 19:56:26 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\go
[2011.06.17 17:49:26 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Hi-Rez Studios
[2011.04.10 21:09:39 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\HLSW
[2011.06.10 21:25:52 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\ICQ
[2010.12.25 23:02:01 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\KWorld Multimedia
[2010.10.10 10:11:30 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Leadertech
[2010.12.25 23:53:42 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Need for Speed World
[2011.09.06 14:42:47 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\OpenCandy
[2010.09.02 15:21:06 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\OpenOffice.org
[2011.09.30 17:27:14 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Origin
[2011.10.18 22:49:44 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\PhotoScape
[2010.11.17 17:08:53 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\PlatinumHideIP
[2010.11.17 13:55:00 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Publish Providers
[2011.10.23 21:29:09 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\QIP
[2011.10.30 15:17:10 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\QipGuard
[2011.10.01 23:47:45 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\RayV
[2011.06.26 13:22:28 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Registry Mechanic
[2010.06.24 22:01:10 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\RigNRoll_eng
[2010.06.24 18:53:15 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\RigNRoll_ger
[2011.07.11 04:18:34 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Screaming Bee
[2010.11.17 13:54:36 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Sony
[2011.10.09 21:27:22 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\SplitMediaLabs
[2011.05.10 18:59:40 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Sports Interactive
[2011.06.26 14:36:08 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\SQLyog
[2011.02.13 22:47:35 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Subversion
[2010.10.18 19:19:59 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Systweak
[2011.10.17 02:17:49 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\TeamViewer
[2010.10.09 22:35:52 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Trillian
[2011.08.31 00:44:16 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\TS3Client
[2011.04.01 01:54:05 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\TuneUp Software
[2011.08.07 14:20:52 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Tunngle
[2010.05.27 11:23:50 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Turbine
[2011.08.05 22:56:00 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Utherverse
[2011.10.30 18:31:33 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\uTorrent
[2011.04.21 21:07:34 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\wargaming.net
[2010.06.13 18:59:18 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\yess
[2011.10.30 15:11:18 | 000,000,318 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2011.10.10 16:23:54 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" -- [2011.03.29 15:09:03 | 000,399,736 | ---- | M] (BitTorrent, Inc.)
"QIP Internet Guardian" = C:\Users\GAME\AppData\Roaming\QipGuard\QipGuard.exe /p -- [2011.10.26 23:22:42 | 000,191,440 | ---- | M] (QIP.ru)


< MD5 for: ATAPI.SYS >
[2011.02.12 12:21:20 | 017,822,958 | ---- | M] () .cab file -- C:\Users\GAME\Desktop\Vsechno mozny\winxp\I386\sp3.cab:atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Users\GAME\Desktop\Vsechno mozny\winxp\I386\AUTOCHK.EXE
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2011.02.12 12:21:20 | 017,822,958 | ---- | M] () .cab file -- C:\Users\GAME\Desktop\Vsechno mozny\winxp\I386\sp3.cab:cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CSRSS.EXE >
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.10.01 22:59:53 | 002,388,992 | ---- | M] (Microsoft Corporation) MD5=00E7425FB9AEF866EFA545102E4BAEB0 -- C:\Users\GAME\Downloads\Theme pack win 7\Themez.p4.30\Slave\slave_-_theme\System Files x64\explorer x64\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.10.01 22:59:53 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=28282465138C30DDB43836FBAC2DC916 -- C:\Users\GAME\Downloads\Theme pack win 7\Themez.p4.30\Tavern\tavern_\Tavern theme\Qs Win7 Start Buttons\Qs Win7 Flag Start Button\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.10.01 22:59:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=4D93000A2355E5C71152142EBA65245A -- C:\Users\GAME\Downloads\Theme pack win 7\Themez.p4.30\Tavern\tavern_\Tavern theme\Qs Win7 Start Buttons\Qs Win7 Soft Blue Start Button\explorer.exe
[2011.10.01 22:59:41 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=55AB5FAFDEFE49C50B3D6ED4D2C6833A -- C:\Users\GAME\Downloads\Theme pack win 7\Themez.p4.30\Frost Aero\System files\x64\explorer.exe
[2011.10.01 22:59:13 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=58F00104245A720FF990434741CFA576 -- C:\Users\GAME\Downloads\Theme pack win 7\Themez.p4.30\Tavern\tavern_\Tavern theme\Qs Win7 Start Buttons\Qs Win7 Dark Start Button\explorer.exe
[2011.10.01 22:59:38 | 002,703,360 | ---- | M] (Microsoft Corporation) MD5=6659E3903F1810D4DC0C39B90125BC67 -- C:\Users\GAME\Downloads\Theme pack win 7\Themez.p4.30\Meteora\files\x86\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2011.10.01 22:59:52 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=A2E563E5656AE0E3FDC0CDB010E24F28 -- C:\Users\GAME\Downloads\Theme pack win 7\Themez.p4.30\Gizdom Reloaded\gizdom-reloaded\Gizdom Reloaded for Windows 7\System files (x86)\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.10.01 22:59:39 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=CA86EE1837A5B9A2916B6FA8826E656E -- C:\Users\GAME\Downloads\Theme pack win 7\Themez.p4.30\Tavern\tavern_\Tavern theme\Qs Win7 Start Buttons\Qs Win7 Special Edition\explorer.exe
[2011.10.01 23:00:01 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=DC9E4DBEAB7715ACE7E99ED2E34F98F2 -- C:\Users\GAME\Downloads\Theme pack win 7\Themez.p4.30\Frost Aero\System files\x86\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2011.10.01 23:00:03 | 002,959,360 | ---- | M] (Microsoft Corporation) MD5=EB05BA3ED3171CDC5CBFBE2CE03A3FDB -- C:\Users\GAME\Downloads\Theme pack win 7\Themez.p4.30\Meteora\files\x64\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2011.10.01 22:59:47 | 002,535,424 | ---- | M] (Microsoft Corporation) MD5=F9AE8D230B33587A73C23A9B13968A11 -- C:\Users\GAME\Downloads\Theme pack win 7\Themez.p4.30\Slave\slave_-_theme\System Files x86\Explorer-exe (and bmp)\explorer.exe

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\ERDNT\cache64\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\ERDNT\cache64\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NTFS.SYS >
[2010.11.20 14:33:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2009.07.14 02:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys
[2011.03.11 07:23:06 | 001,657,216 | ---- | M] (Microsoft Corporation) MD5=378E0E0DFEA67D98AE6EA53ADBBD76BC -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_0273f3c63691c4ea\ntfs.sys
[2011.03.11 07:25:53 | 001,685,888 | ---- | M] (Microsoft Corporation) MD5=867C1395F0100CBE9ACD73B1C2741149 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_032ca00d4f8d24c5\ntfs.sys
[2011.03.11 07:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011.03.11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\ERDNT\cache64\ntfs.sys
[2011.03.11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\SysNative\drivers\ntfs.sys
[2011.03.11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys
[2009.03.23 12:55:24 | 000,576,512 | ---- | M] (Microsoft Corporation) MD5=AE8CAD8F28DB13B515A68510A539B0B8 -- C:\Users\GAME\Desktop\Vsechno mozny\winxp\I386\NTFS.SYS

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\ERDNT\cache64\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2008.04.14 08:52:52 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\Users\GAME\Desktop\Vsechno mozny\winxp\I386\SYSTEM32\SMSS.EXE

< MD5 for: SPOOLSV.EXE >
[2010.08.20 06:38:12 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=8547491BE7086EE317163365D83A37D2 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe
[2009.07.14 02:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
[2010.11.20 14:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\ERDNT\cache64\spoolsv.exe
[2010.11.20 14:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\SysNative\spoolsv.exe
[2010.11.20 14:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[2010.08.21 07:29:47 | 000,558,592 | ---- | M] (Microsoft Corporation) MD5=F8E1FA03CB70D54A9892AC88B91D1E7B -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\ERDNT\cache64\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 02:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) --
[2010.11.20 14:27:28 | 000,039,424 | ---- | M] (Microsoft Corporation) --
[2009.07.14 16:17:26 | 000,003,584 | ---- | M] (Lexmark International Inc.) --

< %systemroot%\system32\drivers\*.sys /5 >
[2011.10.29 17:02:27 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamswissarmy.sys

< %systemroot%\system32\drivers\*.sys /X >
[2009.06.10 22:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 22:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011.10.30 14:47:44 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[2011.10.30 14:56:53 | 000,049,371 | ---- | M] () -- C:\Windows\system32\epfwdata.bin
[2011.10.28 02:02:54 | 000,075,136 | ---- | M] () -- C:\Windows\system32\PnkBstrA.exe
[2011.10.28 02:03:00 | 000,189,248 | ---- | M] () -- C:\Windows\system32\PnkBstrB.ex0
[2011.10.28 02:03:13 | 000,189,248 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe
[16 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[16 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[16 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[16 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[27 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

Re: Facebook - Flash Player (Win32/Delf.QCZ)

#25 Post by Andyfuk »

< %APPDATA%\*. >
[2011.02.25 18:56:20 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\.minecraft
[2011.04.03 23:13:04 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\ActiveState
[2011.09.07 18:08:31 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Adobe
[2010.09.22 18:50:53 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Ahead
[2011.10.29 17:39:21 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\AIMP3
[2010.10.15 23:12:07 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\App Launcher Gadget
[2010.09.13 15:14:51 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Apple Computer
[2010.11.17 14:47:34 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Autodesk
[2011.02.26 23:14:33 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Avnex
[2010.10.06 16:01:37 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\BlackBean
[2011.09.30 18:21:11 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1
[2010.05.26 19:33:30 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Creative
[2011.10.27 04:12:03 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\DAEMON Tools Lite
[2010.09.12 15:58:21 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\DivX
[2010.05.26 17:25:55 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\ESET
[2011.09.27 20:17:33 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\esmska
[2011.10.30 18:06:25 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\FileZilla
[2010.09.06 14:43:11 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\FUEL
[2010.10.24 14:55:48 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\GetRightToGo
[2010.11.12 20:28:51 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\GHISLER
[2010.10.09 22:42:18 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\GlarySoft
[2011.09.11 19:56:26 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\go
[2011.03.26 17:21:06 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Hamachi
[2011.06.17 17:49:26 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Hi-Rez Studios
[2011.04.10 21:09:39 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\HLSW
[2011.06.10 21:25:52 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\ICQ
[2010.05.26 16:50:58 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Identities
[2011.10.19 22:32:59 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\InstallShield Installation Information
[2010.12.25 23:02:01 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\KWorld Multimedia
[2010.10.10 10:11:30 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Leadertech
[2011.04.25 14:54:58 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Macromedia
[2010.11.12 20:54:33 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Malwarebytes
[2009.07.14 16:36:58 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Media Center Programs
[2011.10.28 15:53:58 | 000,000,000 | --SD | M] -- C:\Users\GAME\AppData\Roaming\Microsoft
[2010.10.04 22:19:39 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Mozilla
[2011.10.23 03:48:49 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Mozilla-Cache
[2011.08.01 21:41:56 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\NCH Software
[2010.12.25 23:53:42 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Need for Speed World
[2010.05.28 21:42:56 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Nero
[2011.10.12 20:18:52 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\NVIDIA
[2011.09.06 14:42:47 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\OpenCandy
[2010.09.02 15:21:06 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\OpenOffice.org
[2011.09.30 17:27:14 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Origin
[2011.10.18 22:49:44 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\PhotoScape
[2010.11.17 17:08:53 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\PlatinumHideIP
[2010.11.12 20:28:51 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\PSpad
[2010.11.17 13:55:00 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Publish Providers
[2011.10.23 21:29:09 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\QIP
[2011.10.30 15:17:10 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\QipGuard
[2011.10.01 23:47:45 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\RayV
[2011.09.23 22:55:50 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Real Desktop
[2011.06.26 13:22:28 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Registry Mechanic
[2010.06.24 22:01:10 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\RigNRoll_eng
[2010.06.24 18:53:15 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\RigNRoll_ger
[2011.07.11 04:18:34 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Screaming Bee
[2010.06.05 14:43:01 | 000,000,000 | RH-D | M] -- C:\Users\GAME\AppData\Roaming\SecuROM
[2011.10.30 19:11:54 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Skype
[2011.05.28 15:57:11 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\skypePM
[2010.11.17 13:54:36 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Sony
[2011.10.09 21:27:22 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\SplitMediaLabs
[2011.05.10 18:59:40 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Sports Interactive
[2011.06.26 14:36:08 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\SQLyog
[2011.02.13 22:47:35 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Subversion
[2010.10.18 19:19:59 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Systweak
[2011.10.17 02:17:49 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\TeamViewer
[2011.02.13 22:51:07 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\TortoiseSVN
[2010.10.09 22:35:52 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Trillian
[2011.08.31 00:44:16 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\TS3Client
[2011.04.01 01:54:05 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\TuneUp Software
[2011.08.07 14:20:52 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Tunngle
[2010.05.27 11:23:50 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Turbine
[2011.08.05 22:56:00 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Utherverse
[2011.10.30 19:15:07 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\uTorrent
[2011.08.31 00:44:16 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Ventrilo
[2011.10.10 23:02:19 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\vlc
[2011.04.21 21:07:34 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\wargaming.net
[2011.10.25 21:10:28 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Winamp
[2010.05.27 13:38:35 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\WinRAR
[2011.10.11 21:59:35 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\Xfire
[2010.06.13 18:59:18 | 000,000,000 | ---D | M] -- C:\Users\GAME\AppData\Roaming\yess

< *crack* /s >
[2008.09.23 14:19:06 | 000,016,223 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Effect\firecracker0001.OZJ
[2008.09.23 14:19:06 | 000,017,939 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Effect\firecracker0002.OZJ
[2008.09.23 14:19:06 | 000,020,684 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Effect\firecracker0003.OZJ
[2008.09.23 14:19:06 | 000,023,889 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Effect\firecracker0004.OZJ
[2008.09.23 14:19:06 | 000,027,580 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Effect\firecracker0005.OZJ
[2008.09.23 14:19:06 | 000,029,199 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Effect\firecracker0006.OZJ
[2008.09.23 14:19:06 | 000,028,015 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Effect\firecracker0007.OZJ
[2008.05.20 14:23:32 | 000,011,320 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Effect\knight_plancrack_a.bmd
[2008.05.26 08:10:42 | 000,005,648 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Effect\knight_plancrack_b.bmd
[2008.04.24 13:01:00 | 000,160,240 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Effect\knight_plancrack_grand.bmd
[2003.01.13 11:38:06 | 000,003,448 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Item\firecracker.OZJ
[2006.07.03 07:30:54 | 000,016,685 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Object40\han_mcrack.OZJ
[2003.01.14 15:11:30 | 000,129,158 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Sound\eFirecracker1.wav
[2003.01.14 15:11:32 | 000,132,402 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season IV\Data\Sound\eFirecracker2.wav
[2009.03.08 09:59:14 | 000,163,840 | ---- | M] () -- \Program Files (x86)\Garena\plugins\UI\AvoidCrackPlugin.dll
[2011.10.28 21:13:49 | 000,021,985 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\bloodline champions\Content\Particles\1x1\point_cracks.dds.xnb
[2011.05.29 19:29:29 | 000,000,634 | ---- | M] () -- \Program Files (x86)\Windows Doctor\backup\2011-06-26-14-31-06\DiRT 3 crack.lnk.4.11.sbk
[2011.10.27 21:58:50 | 000,000,752 | ---- | M] () -- \Users\GAME\AppData\Roaming\Microsoft\Windows\Recent\Call_Of_Duty_Modern_Warfare_2_Crack_Only-Razor1911.lnk
[2011.10.27 21:58:49 | 000,001,084 | ---- | M] () -- \Users\GAME\AppData\Roaming\Microsoft\Windows\Recent\rzr-cod6crackonly.lnk
[2010.10.22 20:30:20 | 000,001,397 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\Call of Duty - Modern Warfare 2 - MP CRACK + Tutorial.torrent
[2010.06.24 17:47:58 | 000,012,405 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\Call of Duty Modern Warfare 2 Multiplayer Crack Only.zip.torrent
[2011.10.27 21:55:14 | 000,001,931 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\Call_Of_Duty_Modern_Warfare_2_Crack_Only-Razor1911.torrent
[2011.02.20 19:53:21 | 000,001,768 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\Cod 6 Razor1911 crack.rar.torrent
[2011.02.20 20:03:26 | 000,001,806 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\Cod 6 Skidrow Crack.rar.torrent
[2011.10.03 14:58:47 | 000,019,902 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\Crackfix.torrent
[2011.05.29 19:27:54 | 000,003,515 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\DiRT 3 crack.rar.torrent
[2010.10.04 23:52:15 | 000,001,642 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\Driver Detective 6.4.1.3 + Crack.torrent
[2010.08.22 16:21:39 | 000,017,418 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\Nero 9 Burning Rom (Extream Crack + Serial Key) (x64 x68 Support).torrent
[2010.11.22 18:19:09 | 000,001,998 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\NFS HP 2010_Crack.rar.torrent
[2011.02.13 21:17:08 | 000,000,666 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\Windows XP SP2 Pro & Home Activation Crack.torrent
[2010.11.21 16:10:37 | 000,001,162 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\wrc 2010 no dvd crack.rar.torrent
[2011.10.07 20:41:46 | 000,031,944 | ---- | M] () -- \Users\GAME\Documents\TrackMania\Tracks\Replays\Autosaves\GAME_45 crack (20) speed dancer.Replay.gbx

< *keygen* /s >
[2010.04.05 22:47:32 | 000,104,960 | ---- | M] () -- \Program Files (x86)\WinRAR\keygen.exe
[2010.09.24 23:45:57 | 000,008,130 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\PremiumSoft Navicat Premium Enterprise Edition 9.0.13 + Keygen - [ManWithoutHeart].torrent

< *nocd* /s >

< *nodvd* /s >

< *AutoKMS* /s >

< *AutoRearm* /s >

Andyfuk

Re: Facebook - Flash Player (Win32/Delf.QCZ)

#26 Post by Andyfuk »

< *Loader* /s >
[2011.04.03 23:07:21 | 000,028,537 | ---- | M] () -- \Perl64\html\lib\AutoLoader.html
[2011.04.03 23:07:51 | 000,022,708 | ---- | M] () -- \Perl64\html\lib\DynaLoader.html
[2011.04.03 23:09:38 | 000,026,324 | ---- | M] () -- \Perl64\html\lib\SelfLoader.html
[2011.04.03 23:10:19 | 000,016,687 | ---- | M] () -- \Perl64\html\lib\XSLoader.html
[2011.04.03 23:08:26 | 000,001,688 | ---- | M] () -- \Perl64\html\lib\Locale\Maketext\GutsLoader.html
[2007.03.14 18:21:36 | 004,937,904 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007.03.14 16:07:28 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2011.10.27 00:55:49 | 000,002,910 | ---- | M] () -- \Program Files (x86)\Codemasters\The Lord of the Rings Online\browser\components\uriloader.xpt
[2007.03.14 16:10:18 | 000,088,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:20 | 000,025,188 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:26 | 000,032,022 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:28 | 000,032,216 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:30 | 000,027,655 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:36 | 000,030,891 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:38 | 000,032,399 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:42 | 000,032,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:42 | 000,032,393 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:46 | 000,022,871 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:48 | 000,025,272 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:50 | 000,032,109 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:50 | 000,032,441 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:52 | 000,032,499 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:54 | 000,032,074 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:56 | 000,032,110 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:58 | 000,024,996 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:00 | 000,031,772 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:02 | 000,024,463 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:04 | 000,025,054 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:06 | 000,032,171 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:06 | 000,024,411 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:08 | 000,025,525 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:10 | 000,032,741 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:10 | 000,032,833 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007.03.08 15:35:32 | 000,004,239 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2006.11.09 21:31:32 | 000,163,840 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2011.10.04 19:43:17 | 000,000,147 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.03.18 23:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2010.03.18 00:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2011.04.04 09:47:16 | 000,006,820 | ---- | M] () -- \Program Files (x86)\GamersFirst\LIVE!\Content\ajax-loader.gif
[2008.07.10 16:33:02 | 000,019,992 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2008.07.10 16:33:04 | 000,019,992 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SqlResourceLoader.dll
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.10.28 21:15:33 | 004,930,560 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\bloodline champions\Binary\BloodlineChampionsLoader.exe
[2011.10.28 21:18:05 | 000,400,896 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\bloodline champions\Binary\BloodlineChampionsLoaderUpdater.exe
[2011.10.29 22:11:53 | 000,000,377 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\bloodline champions\Binary\Logs\Loader.log
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2011.09.23 23:19:26 | 000,228,352 | ---- | M] () -- \Program Files (x86)\Ubisoft\Driver San Francisco\ubiorbitapi_r2_loader.dll
[2011.08.30 14:21:56 | 000,171,320 | ---- | M] () -- \Program Files (x86)\Ubisoft\Driver San Francisco\uplay_r1_loader.dll
[2009.09.25 13:00:00 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2010.03.15 10:28:24 | 000,045,056 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2010.08.24 16:23:59 | 000,071,008 | ---- | M] () -- \Program Files\2K Games\Mafia 2\pc\PhysXLoader.dll
[2010.04.19 20:46:32 | 000,002,326 | ---- | M] () -- \Program Files\Microsoft SDKs\Windows\v7.1\Samples\multimedia\DirectWrite\CustomFont\ResourceFontCollectionLoader.cpp
[2010.04.19 20:46:32 | 000,001,660 | ---- | M] () -- \Program Files\Microsoft SDKs\Windows\v7.1\Samples\multimedia\DirectWrite\CustomFont\ResourceFontCollectionLoader.h
[2010.04.19 20:46:32 | 000,002,780 | ---- | M] () -- \Program Files\Microsoft SDKs\Windows\v7.1\Samples\multimedia\DirectWrite\CustomFont\ResourceFontFileLoader.cpp
[2010.04.19 20:46:32 | 000,001,555 | ---- | M] () -- \Program Files\Microsoft SDKs\Windows\v7.1\Samples\multimedia\DirectWrite\CustomFont\ResourceFontFileLoader.h
[2010.04.19 20:46:44 | 000,000,628 | ---- | M] () -- \Program Files\Microsoft SDKs\Windows\v7.1\Samples\multimedia\mediafoundation\topoedit\tedutil\xmldataloader.rgs
[2010.04.19 20:46:56 | 000,002,584 | ---- | M] () -- \Program Files\Microsoft SDKs\Windows\v7.1\Samples\multimedia\WMP\media\loader.hta
[2010.03.15 10:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011.04.09 23:59:38 | 000,040,448 | ---- | M] () -- \ProgramData\Skype\Plugins\Plugins\962C58B9C93944A28A0B82EF9F85A392\PrettyMayLoader.exe
[2011.08.01 21:41:12 | 000,009,767 | ---- | M] () -- \Qoobox\Quarantine\C\Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\modules\ExternalLibraryLoader.jsm.vir
[2011.10.29 12:30:01 | 000,000,000 | ---- | M] () -- \Qoobox\Quarantine\C\Windows\loader2.exe_ok.vir
[2011.04.09 23:59:38 | 000,040,448 | ---- | M] () -- \Users\All Users\Skype\Plugins\Plugins\962C58B9C93944A28A0B82EF9F85A392\PrettyMayLoader.exe
[2011.09.28 13:33:09 | 000,000,673 | ---- | M] () -- \Users\GAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbpbcpokffodhpcdjaoopolhdlbconi\2.3.0.15_0\Media\ajax-loader.gif
[2010.10.15 22:47:14 | 000,001,849 | ---- | M] () -- \Users\GAME\AppData\Local\Microsoft\Windows Sidebar\Gadgets\connect12.gadget\img\ajax-loader.gif
[2010.10.15 23:10:09 | 000,002,608 | ---- | M] () -- \Users\GAME\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CZTechnetGadgetv2.Gadget\en-US\Images\ajax-loader.gif
[2010.10.15 22:58:45 | 000,000,701 | ---- | M] () -- \Users\GAME\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Supplications.gadget\ajax-loader.gif
[2010.10.15 22:55:22 | 000,001,146 | ---- | M] () -- \Users\GAME\AppData\Local\Microsoft\Windows Sidebar\Gadgets\uMusic.gadget\images\smallloader.gif
[2010.10.15 22:55:22 | 000,001,487 | ---- | M] () -- \Users\GAME\AppData\Local\Microsoft\Windows Sidebar\Gadgets\uMusic.gadget\images\smallloader.png
[2011.08.01 21:41:12 | 000,009,767 | ---- | M] () -- \Users\GAME\AppData\Roaming\Mozilla\Firefox\Profiles\v0prsbuk.default\conduitCommon\modules\3.5.0.12\ExternalLibraryLoader.jsm
[2010.10.04 20:50:23 | 000,018,190 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\neporazitelny-2010-dvdrip-xvid-cz-by_pablos33_of_poweruploaders.avi.torrent
[2008.08.09 21:00:51 | 000,017,598 | ---- | M] () -- \Users\GAME\Desktop\Vsechno mozny\web\flash\loader.swf
[2008.08.09 21:00:12 | 000,000,053 | R--- | M] () -- \Users\GAME\Desktop\Vsechno mozny\web\flash\.svn\prop-base\loader.swf.svn-base
[2008.08.09 21:00:12 | 000,017,598 | R--- | M] () -- \Users\GAME\Desktop\Vsechno mozny\web\flash\.svn\text-base\loader.swf.svn-base
[2008.04.14 08:51:40 | 000,017,421 | ---- | M] () -- \Users\GAME\Desktop\Vsechno mozny\winxp\I386\DMLOADER.DL_
[2008.04.14 00:01:48 | 000,115,367 | ---- | M] () -- \Users\GAME\Desktop\Vsechno mozny\winxp\I386\OSLOADER.EX_
[2008.04.14 00:01:50 | 000,133,029 | ---- | M] () -- \Users\GAME\Desktop\Vsechno mozny\winxp\I386\OSLOADER.NT_
[2011.01.29 01:23:36 | 000,005,926 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2010.05.26 19:27:19 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.29 02:00:56 | 000,000,338 | ---- | M] () -- \Windows\Downloaded Program Files\PhotoUploader55.inf
[2009.07.29 20:21:24 | 003,540,488 | ---- | M] () -- \Windows\Downloaded Program Files\PhotoUploader55.ocx
[2008.07.30 10:06:58 | 000,072,192 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\D1B226DDE87A8EF3C9C842F675460B0D\9.0.30729\FL_coloader80_dll_128691_128691_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2008.07.29 03:43:16 | 000,004,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\D1B226DDE87A8EF3C9C842F675460B0D\9.0.30729\FL_coloader80_tlb_128927_128927_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\system32\dmloader.dll
[16 \Windows\system32\*.tmp files -> \Windows\system32\*.tmp -> ]
[2011.09.16 13:37:48 | 000,012,532 | ---- | M] () -- \Windows\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[16 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2011.09.16 13:37:48 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.04.13 12:08:36 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.13 12:08:36 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.13 12:08:36 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.13 12:08:36 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.13 12:08:36 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< *w7lxe* /s >

< *Legalizator* /s >

< *GenuineXP* /s >

< *minodlogin* /s >
[2011.10.29 19:46:30 | 000,013,766 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\ESET Smart Security v.5 32,64bit+MiNODLogin.1.torrent
[2011.10.29 21:02:24 | 000,013,767 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\ESET Smart Security v.5 32,64bit+MiNODLogin.2.torrent
[2011.10.01 19:50:25 | 000,013,767 | ---- | M] () -- \Users\GAME\AppData\Roaming\uTorrent\ESET Smart Security v.5 32,64bit+MiNODLogin.torrent
[2011.10.29 21:02:54 | 000,391,800 | ---- | M] () -- \Users\GAME\Downloads\ESET Smart Security v.5 32,64bit+MiNODLogin\MiNODLogin 3.9.8.1\MiNODLogin 3.9.8.1.exe
[2011.10.29 21:04:15 | 000,001,136 | ---- | M] () -- \Users\Public\Desktop\Průzkumník licencí MiNODLogin.lnk

< serial.txt /s >

< %APPDATA%\*.* >
[2011.06.20 23:42:08 | 000,045,286 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\room_v3.dat
[2010.10.15 23:13:35 | 000,000,064 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\System Uptime Full Plus_Settings.ini

< %APPDATA%\*.exe /s >
[2011.10.19 22:30:38 | 000,331,776 | ---- | M] (Epic Games ) -- C:\Users\GAME\AppData\Roaming\InstallShield Installation Information\{6530FDAA-5B1F-4830-95BB-650E9804D239}\setup.exe
[2010.09.20 12:35:55 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\GAME\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.10.09 21:14:41 | 000,005,430 | R--- | M] () -- C:\Users\GAME\AppData\Roaming\Microsoft\Installer\{0800A3B3-C012-42A9-877B-18F109FC2F6A}\_24471CEA56C8F4A41D186C.exe
[2011.10.09 21:14:41 | 000,005,430 | R--- | M] () -- C:\Users\GAME\AppData\Roaming\Microsoft\Installer\{0800A3B3-C012-42A9-877B-18F109FC2F6A}\_C0AA2940541DD2CE1AD5F6.exe
[2010.08.09 03:08:47 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\GAME\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
[2010.08.09 03:08:47 | 000,008,854 | R--- | M] () -- C:\Users\GAME\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\UNINST_Uninstall_G_0CE1A6C0F3F749E68F9D2431F9827441_1.exe
[2010.09.19 17:54:45 | 000,010,134 | R--- | M] () -- C:\Users\GAME\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.09.06 14:42:48 | 000,416,160 | ---- | M] () -- C:\Users\GAME\AppData\Roaming\OpenCandy\OpenCandy_7CC3AF2E4BC34FF79BDCE90051EAF613\LatestDLMgr.exe
[2011.08.01 23:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Users\GAME\AppData\Roaming\OpenCandy\OpenCandy_7CC3AF2E4BC34FF79BDCE90051EAF613\pcspeedup.exe
[2011.10.26 23:22:42 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\GAME\AppData\Roaming\QipGuard\QipGuard.exe
[2010.10.18 19:20:12 | 010,494,512 | ---- | M] (Systweak Inc ) -- C:\Users\GAME\AppData\Roaming\Systweak\ASO3\Installer\aso3setup.exe

< %SYSTEMDRIVE%\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSucces >

< sTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB8DBCBE-2EB8-4080-A6D0-CFA3B846EFD4}\\: IMFRatelessTimeSource
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{b2f5a901-4080-11d1-a3ac-00c04fb950dc}\\: IADsTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB8DBCBE-2EB8-4080-A6D0-CFA3B846EFD4}\\: IMFRatelessTimeSource
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{b2f5a901-4080-11d1-a3ac-00c04fb950dc}\\: IADsTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB8DBCBE-2EB8-4080-A6D0-CFA3B846EFD4}\\: IMFRatelessTimeSource
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{b2f5a901-4080-11d1-a3ac-00c04fb950dc}\\: IADsTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\Fax\\dnsTimeout: 15000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\Microsoft XPS Document Writer\\dnsTimeout: 15000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\\JobNoProgressTimeout: 1209600
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gathering Manager\\FilterHostProcessTimeout: 120000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers\Fax\\dnsTimeout: 15000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers\Microsoft XPS Document Writer\\dnsTimeout: 15000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power\\HiberCompressTime: 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1522CA26-D2D7-477B-8A1F-7B9466CC2E04}\\LeaseTerminatesTime: 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1D600612-2E4C-4A56-A175-8DB1980FFC29}\\LeaseTerminatesTime: 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E9D0F090-26F2-4309-8174-6A41D5568129}\\LeaseTerminatesTime: 2147483647
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar\Settings\General\\LastUpdateGamesTime: 1289219789
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VBExpress\9.0\Debugger\\AutosReturnValsTimeout: 2000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VBExpress\9.0\Debugger\\AutosRegistersTimeout: 2000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VBExpress\9.0\Debugger\\LocalsTimeout: 10000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VBExpress\9.0\Debugger\\RegistersTimeout: 10000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VBExpress\9.0\Debugger\\ScriptDocsTimeout: 10000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VCExpress\10.0\Debugger\\AutosReturnValsTimeout: 2000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VCExpress\10.0\Debugger\\AutosRegistersTimeout: 2000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VCExpress\10.0\Debugger\\LocalsTimeout: 10000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VCExpress\10.0\Debugger\\RegistersTimeout: 10000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VCExpress\10.0\Debugger\\ScriptDocsTimeout: 10000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VCExpress\9.0\Debugger\\AutosReturnValsTimeout: 2000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VCExpress\9.0\Debugger\\AutosRegistersTimeout: 2000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VCExpress\9.0\Debugger\\LocalsTimeout: 10000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VCExpress\9.0\Debugger\\RegistersTimeout: 10000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\VCExpress\9.0\Debugger\\ScriptDocsTimeout: 10000

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" >

< >

< /c >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.30 18:25:14 | 000,000,512 | ---- | M] () MD5=5A91BB4060DEC42C499C5AA6A379D58D -- C:\PhysicalMBR.bin

========== Files - Unicode (All) ==========
[2011.06.18 21:21:48 | 003,787,919 | ---- | M] ()(C:\Windows\Resources\Themes\?????.themepack) -- C:\Windows\Resources\Themes\Китай.themepack
[2011.06.18 21:21:40 | 003,870,529 | ---- | M] ()(C:\Windows\Resources\Themes\???????.themepack) -- C:\Windows\Resources\Themes\Испания.themepack
[2011.06.18 21:21:30 | 003,714,303 | ---- | M] ()(C:\Windows\Resources\Themes\??????.themepack) -- C:\Windows\Resources\Themes\Италия.themepack
[2011.06.18 21:21:29 | 006,464,338 | ---- | M] ()(C:\Windows\Resources\Themes\?????.themepack) -- C:\Windows\Resources\Themes\Белка.themepack
[2011.06.18 21:21:29 | 003,452,487 | ---- | M] ()(C:\Windows\Resources\Themes\???????.themepack) -- C:\Windows\Resources\Themes\Тайвань.themepack
[2011.06.18 21:21:26 | 003,529,461 | ---- | M] ()(C:\Windows\Resources\Themes\??????.themepack) -- C:\Windows\Resources\Themes\Турция.themepack
[2011.06.18 21:21:25 | 004,018,521 | ---- | M] ()(C:\Windows\Resources\Themes\???????.themepack) -- C:\Windows\Resources\Themes\Мексика.themepack
[2011.06.18 21:21:16 | 000,637,023 | ---- | M] ()(C:\Windows\Resources\Themes\???????.themepack) -- C:\Windows\Resources\Themes\Девушки.themepack
[2011.06.18 21:21:13 | 003,221,245 | ---- | M] ()(C:\Windows\Resources\Themes\?????.themepack) -- C:\Windows\Resources\Themes\Индия.themepack
[2011.06.18 21:20:47 | 003,437,901 | ---- | M] ()(C:\Windows\Resources\Themes\???????.themepack) -- C:\Windows\Resources\Themes\Франция.themepack
[2011.06.18 21:20:14 | 000,898,437 | ---- | M] ()(C:\Windows\Resources\Themes\?????.themepack) -- C:\Windows\Resources\Themes\Тачки.themepack
[2011.06.18 21:19:44 | 000,309,823 | ---- | M] ()(C:\Windows\Resources\Themes\?????.themepack) -- C:\Windows\Resources\Themes\Малки.themepack
[2011.06.18 21:19:39 | 000,797,761 | ---- | M] ()(C:\Windows\Resources\Themes\??????2.themepack) -- C:\Windows\Resources\Themes\Россия2.themepack

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 246 bytes -> C:\ProgramData\TEMP:9A870F8B
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

Andyfuk
Visitor
Posts: 65
Registered: 29 Oct 2011 11:02

Re: Facebook - Flash Player (Win32/Delf.QCZ)

#27 Post by Andyfuk »

Extras.txt -

OTL Extras logfile created on: 30.10.2011 18:20:54 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\GAME\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 58,89% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,23 Gb Total Space | 126,33 Gb Free Space | 28,50% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 78,98 Mb Free Space | 78,99% Space Free | Partition Type: NTFS
Drive E: | 488,18 Gb Total Space | 438,21 Gb Free Space | 89,76% Space Free | Partition Type: NTFS

Computer Name: GAME-PC | User Name: GAME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Classes\<extension>]
.com [@ = ComFile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
jsfile [edit] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"FirewallOverride" = 0
"DisableThumbnailCache" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 0
"DisableThumbnailCache" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Users\GAME\Downloads\Flash-Player.exe" = C:\Users\GAME\Downloads\Flash-Player.exe:*:Enabled:C:\Users\GAME\Downloads\Flash-Player.exe
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe
"C:\Windows\services32.exe" = C:\Windows\services32.exe:*:Enabled:C:\Windows\services32.exe
"C:\Windows\update.tray-3-0\svchost.exe" = C:\Windows\update.tray-3-0\svchost.exe:*:Enabled:C:\Windows\update.tray-3-0\svchost.exe
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe
"C:\Windows\update.tray-3-0-lnk\svchost.exe" = C:\Windows\update.tray-3-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-3-0-lnk\svchost.exe
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Users\GAME\Downloads\Flash-Player.exe" = C:\Users\GAME\Downloads\Flash-Player.exe:*:Enabled:C:\Users\GAME\Downloads\Flash-Player.exe
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe
"C:\Windows\services32.exe" = C:\Windows\services32.exe:*:Enabled:C:\Windows\services32.exe
"C:\Windows\update.tray-3-0\svchost.exe" = C:\Windows\update.tray-3-0\svchost.exe:*:Enabled:C:\Windows\update.tray-3-0\svchost.exe
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe
"C:\Windows\update.tray-3-0-lnk\svchost.exe" = C:\Windows\update.tray-3-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-3-0-lnk\svchost.exe


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{183C740A-0406-380F-A235-2EC2F8A28D13}" = Microsoft Windows SDK MSHelp (30514)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{3156336D-8E44-3671-A6FE-AE51D3D6564E}" = Microsoft Windows SDK for Windows 7 (7.1)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{68570626-1BF6-310B-AF69-6CD686C04AEA}" = Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514)
"{6C8D7973-31F9-32E1-A820-8DD857910323}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{84452C2C-BDCC-36F3-A189-CE15F02A47FB}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{84E30D73-E30F-3A02-BAA0-5353C04DD18A}" = Microsoft Windows SDK Intellisense and Reference Assemblies (30514)
"{88387B3B-B110-392F-B919-1A15B48F21D4}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x64
"{89026002-A893-42D9-9E20-6829B844735E}" = Application Verifier (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951E6223-AC28-345E-BCF4-B55C1267E321}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{A0B0F02C-410B-3DE3-9740-EC4C3D902532}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{A2C55034-8DAF-3755-BA85-CC321707FE99}" = Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 280.26
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}" = Microsoft SQL Server 2008 Native Client
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F1C4B89A-8BF0-3D7C-8095-BAE412FBEA3F}" = Microsoft Windows SDK .NET Framework Tools (30514)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR

Andyfuk
Visitor
Posts: 65
Registered: 29 Oct 2011 11:02

Re: Facebook - Flash Player (Win32/Delf.QCZ)

#28 Post by Andyfuk »

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0800A3B3-C012-42A9-877B-18F109FC2F6A}" = Readon TV Movie Radio Player 7.4.0.0
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}" = Sound Blaster X-Fi
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{235BBFC6-D863-4066-A01A-3BD504C31029}" = Nero 7 Ultra Edition
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 29
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{370187B9-6964-38D0-851F-6C4898B0C2B1}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}" = Battlefield 3™ Open Beta
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5B161932-9D42-4D5E-858D-29BF4C670944}" = Microsoft SQL Server 2008 Setup Support Files
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A3F7D5D-8A53-4A7C-B6DA-22DD1212EB55}" = Internet Explorer
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4197D6B-F046-33E7-ABDE-51FF373FDC76}" = Windows SDK IntellisenseNFX
"{E41A7281-A867-4D58-B04D-BEAD32C2CE91}" = Soul-Aion
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{ED721ABC-423D-4F7D-AEBB-E1E39C388E84}" = Facebook Video Calling 1.0.0.8714
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = The Lord of the Rings Online™: Shadows of Angmar™ v01.04.00.807
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AIMP3" = AIMP3
"ALchemy" = Creative ALchemy
"aTube Catcher" = aTube Catcher
"AudioCS" = Creative Audio Control Panel
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"CryptoPlus KB v1.0" = CryptoPlus KB v1.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup.divx.com" = DivX Setup
"Driver San Francisco" = Driver San Francisco
"Driver San Francisco 1.01" = Driver San Francisco 1.01
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ESN Sonar-0.70.0" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.4.0
"Football Manager 2011" = Football Manager 2011
"Fraps" = Fraps (remove only)
"GameParkClient_is1" = GamePark
"GamersFirst LIVE!" = GamersFirst LIVE!
"Garena" = Garena 2010
"Glary Utilities_is1" = Glary Utilities 2.31.0.1098
"HLSW_is1" = HLSW v1.3.3.7b
"Host OpenAL" = Host OpenAL
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"KDiff3" = KDiff3 (remove only)
"Ladybug on Desktop_is1" = Ladybug on Desktop 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.2.1300
"MetroGnome_is1" = MetroGnome
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Mouse Joypad V1.0" = Mouse Joypad V1.0
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PageshotsPro_is1" = PageshotsPro 1.0.0
"PhotoScape" = PhotoScape
"PitchPerfect" = PitchPerfect Musical Instrument Tuner
"PowerISO" = PowerISO
"PremiumSoft Navicat 8.0 for MySQL_is1" = PremiumSoft Navicat 8.0 for MySQL
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"Recepty doma_is1" = Recepty doma
"Restorator2007_is1" = Restorator 2007 Trial Update 2
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SHOUTcast" = SHOUTcast DNAS Server v2
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Steam App 10" = Counter-Strike
"Steam App 30" = Day of Defeat
"Steam App 6370" = Bloodline Champions
"Steam App 90530" = Rise of Immortals
"Super Ovladač_is1" = Super Ovladač
"Switch" = Switch Sound File Converter
"TeamViewer 5" = TeamViewer 5
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"TmUnitedForever_is1" = TmUnitedForever Update 2010-03-15
"Totalcmd" = Total Commander (Remove or Repair)
"Tunngle beta_is1" = Tunngle beta
"TVRTLDrv" = Genius TVGo DVB-T03 Drivers
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.9
"vShare" = vShare Plugin
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4285535737-698878448-3188201288-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"QIP 2012" = QIP 2012 4.0.6715
"QipGuard" = QIP Internet Guardian
"Winamp Detect" = Winamp Detector Plug-in

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4285535737-698878448-3188201288-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP Infium" = QIP Infium 3.0.9044
"QipGuard" = QIP Internet Guardian
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

chodnik74
Friend of the forum
Posts: 4975
Registered: 13 Sep 2010 21:30
Location: Napajedla

Re: Facebook - Flash Player (Win32/Delf.QCZ)

#29 Post by chodnik74 »

As agreed, I'll take a look at it tomorrow. Here is the maintenance guide I promised, so you don't get bored in the meantime ;-)


PC maintenance:

1) Cleaning temporary folders + invalid registry entries
CCleaner
  • Download and install the program
  • Run the program
  • CLEANER
    Windows - leave everything here as it is (if you use IE, untick its items), tick the Start Menu Shortcuts and Desktop Shortcuts items, and untick the Memory Dumps option
    Applications - leave as it is, but if you use a browser (Google Chrome, Firefox, Opera...), untick its items
    > Click the Analyze button and then Run Cleaner
  • Registry
    > Click the Scan for Issues button and the program starts looking for invalid registry entries; then choose Fix selected issues
    > The program asks whether you want to back up the registry; choose Yes and save the backup somewhere (if anything misbehaves after the registry repair, restore the backup by running the saved backup file and confirming Yes), then choose Fix All Selected Issues and Close
    > Repeat until the registry scan finds no issues
  • Use the program once every 14 days (depending on how much the PC is used, it can also be once a week)
2) Disk defragmentation
Defraggler
  • Download and install the program
  • Run the program
  • Select the drive (C:, D:... simply whichever one you use)
  • If the Fragmentation column shows more than 5%, click Defrag
  • Do this for all the drives you use
  • Do this once a month
3) Updating programs
FileHippo.com Update Checker
  • Download and install the program (during installation, untick the Run at Startup option)
  • Run the program
  • The program finds the programs installed on the PC and checks for available updates
  • A web page then opens listing the applications that can be updated
    > X Updates Detected: these are the available updates
    > Click the green arrow and download the program, then install its current version
    > X Beta Updates Detected: do not download these updates; they are beta versions that are still in development and are unstable :)
  • Do this once every 14 days or once a month
Write to me: chodnik74@gmail.com

>RSIT<>MBAM<>VirusTotal

Please read the procedure several times and, if anything is unclear or you have any doubts, ask. ;-) If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions!

Do not use the Combofix utility without an adviser's supervision and recommendation!

Are you satisfied with our help? Don't hesitate to support the forum HERE.

Forum rules: No. 1 and No. 2

Re: Facebook - Flash Player (Win32/Delf.QCZ)

#30 Post by chodnik74 »

Good morning,
how did the maintenance and defragmentation go? :)

Locked