svchost žere 100% cpu prosím o kontrolu logu

Zpráva

Jackal · #1 Příspěvek od **Jackal** » 10 srp 2012 14:23

Zdravím svhost mi po zapnutí pc začne žrát 100% cpu prosím o kontrolu logu

Logfile of random's system information tool 1.09 (written by random/random)
Run by Simoryn at 2012-08-10 15:14:53
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 34 GB (31%) free of 110 GB
Total RAM: 4095 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:15:24, on 10.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\GameBox\vprot.exe
C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
D:\Program Files (x86)\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
D:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
C:\Users\Simoryn\AppData\Local\svchost.exe
C:\Users\Simoryn\AppData\Local\svchost.exe
C:\Users\Simoryn\AppData\Roaming\svchost.exe
C:\Users\Simoryn\AppData\Roaming\svchost.exe
D:\Program Files (x86)\IObit\Game Booster 3\FPSClient.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Simoryn.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gbt.toolbarhome.com/?hp=df
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.9\iobitToolbarIE.dll
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.9\iobitToolbarIE.dll
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
O2 - BHO: GameBox Toolbar - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Program Files (x86)\GameBox\gamebox_toolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\WebScout Toolbar\tbcore3.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: WebScout Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\WebScout Toolbar\tbcore3.dll
O3 - Toolbar: GameBox Toolbar - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Program Files (x86)\GameBox\gamebox_toolbar.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.9\iobitToolbarIE.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [KiesTrayAgent] D:\Program Files (x86)\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [minerpack.exe] C:\Users\Simoryn\AppData\Local\file1.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [vProt] C:\Program Files (x86)\GameBox\vprot.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesPDLR] D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: file1.exe
O4 - Startup: StartupCPU.lnk = Simoryn\AppData\Roaming\FAH\CPU\StartupCPU.exe
O4 - Startup: StartupGPU.lnk = Simoryn\AppData\Roaming\FAH\GPU\StartupGPU.exe
O4 - Startup: VersionCheck.lnk = Simoryn\AppData\Roaming\FAH\VersionCheck.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: Add to AMV Converter... - D:\Program Files (x86)\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Program Files (x86)\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: gameboxchrome - {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - C:\Program Files (x86)\GameBox\gamebox_toolbar.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files (x86)\Eset\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate1ca67028f3a3192) (gupdate1ca67028f3a3192) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - D:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16825 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\WindowsMobile\wmdc.exe"
"D:\Program Files (x86)\Eset\egui.exe" /hide /waitservice
"C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\GameBox\vprot.exe"
"C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:/Users/Simoryn/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\Samsung\PanelMgr\SSMMgr.exe" /autorun
"C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"D:\Program Files (x86)\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\svchost.exe -k Akamai
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\svchost.exe -k apphost
taskeng.exe {B9D4B78F-450C-4B0B-8EC4-EB4E61987A9D}
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"D:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe"
"D:\Program Files (x86)\PCMeter\PCMeterV0.2.exe"
C:\Windows\Samsung\PanelMgr\caller64.exe Samsung PanelMgr
"D:\Program Files (x86)\Eset\x86\ekrn.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
C:\Windows\System32\svchost.exe -k ipripsvc
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k iissvcs
"c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2472
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Users\Simoryn\AppData\Local\svchost.exe" -o http://notroll.in:6332/ -O Mrkrabz.5:12345
"C:\Users\Simoryn\AppData\Local\svchost.exe" -o http://notroll.in:6332/ -O Mrkrabz.8:12345
"C:\Users\Simoryn\AppData\Roaming\svchost.exe"
"C:\Users\Simoryn\AppData\Roaming\svchost.exe"
\??\C:\Windows\system32\conhost.exe "1355673117712767786605221131241421226-33771440117854524732002959643328236176
\??\C:\Windows\system32\conhost.exe "-27962075740477151-20498932111383260782-1390700760-2754991711457710857951898189
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\Program Files (x86)\IObit\Game Booster 3\FPSClient.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6684.1.1312122726\1457350879" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6684.2.1015777150\2038508548" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6684.3.766571233\591683444" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6684.4.112975434\2109163891" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="6684.6.187534501\1249035132" /prefetch:3
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="6684.8.94115872\1688921516" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="6684.9.78750366\1433634333" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="6684.10.623457717\533395565" /prefetch:3
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Users\Simoryn\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
C:\Windows\tasks\PC Health Advisor Defrag.job
C:\Windows\tasks\PC Health Advisor.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Simoryn\AppData\Roaming\Mozilla\Firefox\Profiles\cgd2lkb5.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://gbt.toolbarhome.com/?hp=df"
prefs.js - "extensions.enabledItems" - "battlefieldheroespatcher@ea.com:4.0.36.0, {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1, {800b5000-a755-47e1-992b-48a1c1357f07}:2, radiobar@toolbar:1.0.0, battlefieldplay4free@ea.com:1.0.53.2, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, DTToolbar@toolbarnet.com:1.1.7.0190, support@predictad.com:1.11, {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.6, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, gamebox@toolbar:1.0.0, iobit@mybrowserbar.com:4.6, wtxpcom@mybrowserbar.com:4.6, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =382950&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=D:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.0]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
npnul32.dll
nppdf32.dll
nsIDivxPlayerPlugin.xpt
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
adaradar.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Simoryn\AppData\Roaming\Mozilla\Firefox\Profiles\cgd2lkb5.default\extensions\
battlefieldheroespatcher@ea.com
battlefieldplay4free@ea.com
DTToolbar@toolbarnet.com
gamebox@toolbar
radiobar@toolbar
support@predictad.com
{687578b9-7132-4a7a-80e4-30ee31099e03}
{75656794-AB59-4712-BFBC-5D816D56F3BC}

C:\Users\Simoryn\AppData\Roaming\Mozilla\Firefox\Profiles\cgd2lkb5.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-04 545264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-04 193520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.9\iobitToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll [2010-08-29 97760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF}]
GameBox Toolbar - C:\Program Files (x86)\GameBox\gamebox_toolbar.dll [2011-05-14 790104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-04-26 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-04-26 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files (x86)\WebScout Toolbar\tbcore3.dll [2010-02-16 2495488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-01-20 1581376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - WebScout Toolbar - C:\Program Files (x86)\WebScout Toolbar\tbcore3.dll [2010-02-16 2495488]
{0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - GameBox Toolbar - C:\Program Files (x86)\GameBox\gamebox_toolbar.dll [2011-05-14 790104]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.9\iobitToolbarIE.dll [2011-12-13 1071456]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"egui"=D:\Program Files (x86)\Eset\egui.exe [2012-03-07 4081008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-05-11 880496]
"vProt"=C:\Program Files (x86)\GameBox\vprot.exe [2011-05-14 123480]
"Akamai NetSession Interface"=C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe [2012-05-26 4327744]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"KiesPDLR"=D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-06-08 21432]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2008-09-03 536576]
"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2011-02-01 232104]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-09-13 4958320]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
""= []
"KiesTrayAgent"=D:\Program Files (x86)\Kies\KiesTrayAgent.exe [2012-06-08 3521464]
"TaskTray"= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-06-27 1996200]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-06-11 641704]
"minerpack.exe"=C:\Users\Simoryn\AppData\Local\file1.exe [2012-08-03 1336320]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04 843712]

C:\Users\Simoryn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
file1.exe
StartupCPU.lnk - C:\Users\Simoryn\AppData\Roaming\FAH\CPU\StartupCPU.exe
StartupGPU.lnk - C:\Users\Simoryn\AppData\Roaming\FAH\GPU\StartupGPU.exe
VersionCheck.lnk - C:\Users\Simoryn\AppData\Roaming\FAH\VersionCheck.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-08-10 15:14:53 ----D---- C:\rsit
2012-08-10 15:14:53 ----D---- C:\Program Files\trend micro
2012-08-10 15:09:26 ----A---- C:\Users\Simoryn\AppData\Roaming\svchost.exe
2012-08-10 13:43:20 ----D---- C:\Users\Simoryn\AppData\Roaming\Malwarebytes
2012-08-10 13:43:10 ----D---- C:\ProgramData\Malwarebytes
2012-08-10 13:43:09 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-10 13:43:09 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-08-10 13:37:58 ----D---- C:\Users\Simoryn\AppData\Roaming\BSplayer
2012-08-10 10:50:25 ----D---- C:\Program Files\WinRAR
2012-08-10 00:09:38 ----D---- C:\Program Files (x86)\FileHippo.com
2012-08-10 00:07:45 ----D---- C:\Program Files\Defraggler
2012-08-09 23:57:55 ----D---- C:\Program Files\CCleaner
2012-08-08 17:04:23 ----A---- C:\Users\Simoryn\AppData\Roaming\GPU MeterV2_Settings.ini
2012-08-08 16:57:46 ----A---- C:\Users\Simoryn\AppData\Roaming\Drives Meter_Settings.ini
2012-08-08 02:41:19 ----A---- C:\Windows\system32\win32k.sys
2012-08-07 23:40:34 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-08-07 23:40:34 ----A---- C:\Windows\system32\msxml6.dll
2012-08-07 23:40:34 ----A---- C:\Windows\system32\msxml3.dll
2012-08-07 23:40:33 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-08-07 23:40:33 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-08-07 23:40:33 ----A---- C:\Windows\system32\msxml3r.dll
2012-08-07 23:40:28 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-07 23:40:28 ----A---- C:\Windows\system32\jscript.dll
2012-08-07 23:40:22 ----A---- C:\Windows\system32\shell32.dll
2012-08-07 23:40:19 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-08-07 23:40:08 ----A---- C:\Windows\system32\ieframe.dll
2012-08-07 23:40:05 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-08-07 23:40:01 ----A---- C:\Windows\system32\mshtml.dll
2012-08-07 23:39:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-08-07 23:39:57 ----A---- C:\Windows\system32\msfeeds.dll
2012-08-07 23:39:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-08-07 23:39:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-08-07 23:39:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-08-07 23:39:55 ----A---- C:\Windows\system32\mshtmled.dll
2012-08-07 23:39:55 ----A---- C:\Windows\system32\iertutil.dll
2012-08-07 23:39:54 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-08-07 23:39:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-08-07 23:39:54 ----A---- C:\Windows\system32\wininet.dll
2012-08-07 23:39:54 ----A---- C:\Windows\system32\urlmon.dll
2012-08-07 23:39:53 ----A---- C:\Windows\SYSWOW64\url.dll
2012-08-07 23:39:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-08-07 23:39:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-08-07 23:39:53 ----A---- C:\Windows\system32\url.dll
2012-08-07 23:39:53 ----A---- C:\Windows\system32\jsproxy.dll
2012-08-07 23:39:53 ----A---- C:\Windows\system32\ieui.dll
2012-08-07 23:39:22 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-08-07 23:39:22 ----A---- C:\Windows\system32\rdpwsx.dll
2012-08-07 23:39:22 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-08-07 23:39:20 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-08-07 23:39:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-08-07 23:39:20 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-08-07 23:39:20 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-08-07 23:39:20 ----A---- C:\Windows\system32\schannel.dll
2012-08-07 23:39:20 ----A---- C:\Windows\system32\ncrypt.dll
2012-08-07 23:39:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-08-07 23:39:20 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-08-07 23:39:20 ----A---- C:\Windows\system32\drivers\cng.sys
2012-08-07 23:39:03 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-08-07 23:39:03 ----A---- C:\Windows\system32\cdosys.dll
2012-08-07 23:38:59 ----A---- C:\Windows\system32\profsvc.dll
2012-08-07 23:38:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-08-07 23:38:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-08-07 23:38:55 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-08-07 23:38:53 ----A---- C:\Windows\system32\rdpcorets.dll
2012-08-07 23:38:53 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-08-07 23:38:51 ----A---- C:\Windows\system32\msi.dll
2012-08-07 23:38:50 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-08-07 23:38:43 ----A---- C:\Windows\system32\crypt32.dll
2012-08-07 23:38:42 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-08-07 23:38:42 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-08-07 23:38:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-08-07 23:38:42 ----A---- C:\Windows\system32\cryptsvc.dll
2012-08-07 23:38:42 ----A---- C:\Windows\system32\cryptnet.dll
2012-08-07 23:37:44 ----D---- C:\ProgramData\ESET
2012-08-07 23:15:38 ----A---- C:\Windows\system32\wups2.dll
2012-08-07 23:15:38 ----A---- C:\Windows\system32\wucltux.dll
2012-08-07 23:15:38 ----A---- C:\Windows\system32\wuaueng.dll
2012-08-07 23:15:38 ----A---- C:\Windows\system32\wuauclt.exe
2012-08-07 23:15:18 ----A---- C:\Windows\system32\wups.dll
2012-08-07 23:15:18 ----A---- C:\Windows\system32\wudriver.dll
2012-08-07 23:15:18 ----A---- C:\Windows\system32\wuapi.dll
2012-08-07 23:14:58 ----A---- C:\Windows\system32\wuwebv.dll
2012-08-07 23:14:58 ----A---- C:\Windows\system32\wuapp.exe
2012-08-07 16:44:22 ----D---- C:\Crash
2012-08-06 02:24:39 ----A---- C:\Windows\SYSWOW64\cbb43ac365.exe
2012-08-06 02:24:37 ----A---- C:\Windows\SYSWOW64\e7d2a35bda.exe
2012-08-04 23:57:58 ----D---- C:\Users\Simoryn\AppData\Roaming\TS3Client
2012-08-04 19:45:45 ----A---- C:\Windows\system32\npDeployJava1.dll
2012-08-04 19:45:45 ----A---- C:\Windows\system32\javaws.exe
2012-08-04 19:45:37 ----A---- C:\Windows\system32\javaw.exe
2012-08-04 19:45:37 ----A---- C:\Windows\system32\java.exe
2012-08-04 19:45:33 ----D---- C:\Program Files\Java
2012-08-04 15:51:37 ----D---- C:\ProgramData\Creative Labs
2012-08-04 09:17:02 ----D---- C:\Users\Simoryn\AppData\Roaming\InstallShield Installation Information
2012-08-04 02:14:22 ----D---- C:\Users\Simoryn\AppData\Roaming\bizarre creations
2012-08-03 14:01:47 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-07-31 12:56:55 ----D---- C:\Users\Simoryn\AppData\Roaming\.minecraft
2012-07-25 19:13:26 ----D---- C:\Program Files (x86)\ASUS
2012-07-25 19:13:26 ----A---- C:\Windows\SYSWOW64\drivers\AsIO.sys
2012-07-25 19:13:26 ----A---- C:\Windows\SYSWOW64\AsIO.dll
2012-07-22 23:27:24 ----N---- C:\Windows\SYSWOW64\Sens_oal.dll
2012-07-22 23:27:23 ----N---- C:\Windows\system32\Sens_oal.dll
2012-07-22 23:25:53 ----A---- C:\Windows\system32\xfisk.ini
2012-07-22 23:25:53 ----A---- C:\Windows\system32\ctzapxx.ini
2012-07-22 23:25:48 ----D---- C:\Program Files\Creative
2012-07-22 23:25:48 ----A---- C:\Windows\SYSWOW64\CTAPO32.dll
2012-07-22 23:25:48 ----A---- C:\Windows\skSPcfg.ini
2012-07-22 23:25:48 ----A---- C:\Windows\skMCcfg.ini
2012-07-22 23:25:47 ----A---- C:\Windows\SYSWOW64\CmdRtr.DLL
2012-07-22 23:25:47 ----A---- C:\Windows\SYSWOW64\APOMngr.DLL
2012-07-22 23:25:47 ----A---- C:\Windows\system32\CmdRtr64.DLL
2012-07-22 23:25:47 ----A---- C:\Windows\system32\APOMgr64.DLL
2012-07-22 23:25:43 ----D---- C:\Program Files (x86)\Creative
2012-07-16 14:15:45 ----D---- C:\Users\Simoryn\AppData\Roaming\AtomZombieData
2012-07-15 12:01:52 ----D---- C:\ProgramData\ATI
2012-07-15 12:01:48 ----D---- C:\Program Files (x86)\AMD APP
2012-07-14 20:59:46 ----D---- C:\Users\Simoryn\AppData\Roaming\Mirillis
2012-07-14 20:59:46 ----D---- C:\ProgramData\Mirillis

======List of files/folders modified in the last 1 month======

2012-08-10 15:14:57 ----D---- C:\Windows\Temp
2012-08-10 15:14:53 ----RD---- C:\Program Files
2012-08-10 15:13:38 ----D---- C:\Users\Simoryn\AppData\Roaming\uTorrent
2012-08-10 15:10:01 ----D---- C:\Windows\Prefetch
2012-08-10 15:09:59 ----D---- C:\Users\Simoryn\AppData\Roaming\Skype
2012-08-10 15:06:31 ----AHD---- C:\ProgramData
2012-08-10 15:05:05 ----D---- C:\Program Files (x86)\TNod User & Password Finder
2012-08-10 13:43:28 ----SHD---- C:\Windows\Installer
2012-08-10 13:43:23 ----SHD---- C:\Config.Msi
2012-08-10 13:43:09 ----RD---- C:\Program Files (x86)
2012-08-10 13:43:09 ----D---- C:\Windows\system32\drivers
2012-08-10 13:42:52 ----D---- C:\ProgramData\Adobe
2012-08-10 13:42:17 ----D---- C:\Windows\SysWOW64
2012-08-10 13:41:56 ----SHD---- C:\System Volume Information
2012-08-10 13:38:27 ----D---- C:\Program Files (x86)\Webteh
2012-08-10 13:14:53 ----D---- C:\ProgramData\Origin
2012-08-10 13:14:53 ----D---- C:\ProgramData\Electronic Arts
2012-08-10 12:58:59 ----D---- C:\Users\Simoryn\AppData\Roaming\Origin
2012-08-10 11:28:07 ----D---- C:\Windows\system32\config
2012-08-10 11:18:01 ----D---- C:\Windows\winsxs
2012-08-10 11:16:51 ----D---- C:\Program Files (x86)\Common Files
2012-08-10 11:16:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-10 11:03:49 ----D---- C:\Users\Simoryn\AppData\Roaming\vlc
2012-08-10 10:52:08 ----D---- C:\ProgramData\Skype
2012-08-10 10:52:03 ----RD---- C:\Program Files (x86)\Skype
2012-08-10 00:02:45 ----D---- C:\Users\Simoryn\AppData\Roaming\Media Player Classic
2012-08-10 00:02:45 ----D---- C:\Users\Simoryn\AppData\Roaming\DAEMON Tools Pro
2012-08-10 00:02:45 ----D---- C:\Users\Simoryn\AppData\Roaming\DAEMON Tools Lite
2012-08-09 23:57:59 ----D---- C:\Windows\system32\Tasks
2012-08-09 10:30:46 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-08-08 19:34:59 ----D---- C:\ProgramData\Tunngle
2012-08-08 17:05:55 ----D---- C:\Windows\system32\wbem
2012-08-08 16:50:33 ----D---- C:\Windows\system32\catroot2
2012-08-08 11:45:36 ----D---- C:\Program Files (x86)\AMD
2012-08-08 11:44:35 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-08-08 11:44:15 ----D---- C:\Windows
2012-08-08 10:31:29 ----D---- C:\Windows\rescache
2012-08-08 09:52:07 ----RSD---- C:\Windows\assembly
2012-08-08 09:52:07 ----D---- C:\Windows\Microsoft.NET
2012-08-08 09:36:42 ----D---- C:\Windows\System32
2012-08-08 09:36:41 ----D---- C:\Windows\SYSWOW64\migration
2012-08-08 09:36:41 ----D---- C:\Windows\system32\migration
2012-08-08 09:36:41 ----D---- C:\Program Files (x86)\Internet Explorer
2012-08-08 09:36:40 ----D---- C:\Program Files\Internet Explorer
2012-08-08 09:36:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-08-08 09:36:37 ----D---- C:\Windows\system32\cs-CZ
2012-08-08 02:41:32 ----D---- C:\Windows\system32\catroot
2012-08-08 02:37:03 ----D---- C:\ProgramData\Microsoft Help
2012-08-07 23:40:00 ----D---- C:\Windows\inf
2012-08-07 23:39:56 ----D---- C:\Windows\system32\DriverStore
2012-08-07 23:14:53 ----D---- C:\Windows\Logs
2012-08-04 19:45:34 ----A---- C:\Windows\system32\deployJava1.dll
2012-08-04 12:12:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-04 07:55:26 ----D---- C:\Windows\system32\wdi
2012-08-04 07:41:46 ----D---- C:\Users\Simoryn\AppData\Roaming\Tunngle
2012-08-04 04:19:58 ----A---- C:\Users\Simoryn\AppData\Roaming\All CPU Meter_Settings.ini
2012-08-03 15:01:48 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-08-01 12:58:50 ----D---- C:\Windows\SYSWOW64\directx
2012-07-25 19:28:18 ----D---- C:\Program Files (x86)\totalcmd
2012-07-25 19:13:26 ----D---- C:\Windows\SYSWOW64\drivers
2012-07-22 23:39:56 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2012-07-22 23:39:56 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2012-07-22 23:39:56 ----A---- C:\Windows\system32\wrap_oal.dll
2012-07-22 23:39:56 ----A---- C:\Windows\system32\OpenAL32.dll
2012-07-15 12:01:17 ----D---- C:\Program Files\ATI Technologies

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-11 530488]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-24 279616]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-12-01 314016]
R2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-06-09 53816]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 187632]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-12-01 43680]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-01-15 14112]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-10 11576]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2011-07-06 367976]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-04-12 708200]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-09-07 2173552]
S2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-02-24 99384]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-13 21712]
S3 dump_wmimmc;dump_wmimmc; \??\D:\Program Files (x86)\Aeria games\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Classic\safedrv.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-02 4682]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 203320]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe [2008-05-12 611664]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-06-11 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-06-11 361984]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-01-27 286720]
R2 ekrn;ESET Service; D:\Program Files (x86)\Eset\x86\ekrn.exe [2012-03-07 913144]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-04-05 8704]
R2 iprip;@%Systemroot%\system32\iprip.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-08-08 76888]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-09-07 27760]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate1ca67028f3a3192;Služba Google Update (gupdate1ca67028f3a3192); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-11-16 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-07-22 79360]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-07-02 1432400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-11-16 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2009-11-12 3403420]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-08-04 529232]
S3 TunngleService;TunngleService; D:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-14 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

#2 Příspěvek od **vyosek** » 10 srp 2012 14:57

Zdravim a pekne odpoledne preji

Pokud chcete pomoci, tak odinstalujte ten nelegalni ESET a nahradte jej free resenim (Avast, AVira ci MSE). Pote dejte novy log z RSIT. Tento muj "pozadavek" vychazi z platnych pravidel fora, ktere jste vy i ja povinnen dodrzovat

Mohu mit dotaz, proc si bezny uzivatel kupuje nejvyssi licenci Windows Ultimate, ktera je urcena spise pro velke korporace, kdyz stejne nevyuzije nic vic nez nabizi verze Home Premium

A nebo byla "koupena" nekde na internetu

Jackal · #3 Příspěvek od **Jackal** » 10 srp 2012 15:21

děkuji za rychlou reakci zde je new log a za eset se omlouvam to byl fail.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Simoryn at 2012-08-10 16:17:10
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 34 GB (31%) free of 110 GB
Total RAM: 4095 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:17:30, on 10.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\GameBox\vprot.exe
D:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe
C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
D:\Program Files (x86)\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Program Files (x86)\IObit\Game Booster 3\FPSClient.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Simoryn.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gbt.toolbarhome.com/?hp=df
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.9\iobitToolbarIE.dll
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.9\iobitToolbarIE.dll
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
O2 - BHO: GameBox Toolbar - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Program Files (x86)\GameBox\gamebox_toolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\WebScout Toolbar\tbcore3.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: WebScout Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\WebScout Toolbar\tbcore3.dll
O3 - Toolbar: GameBox Toolbar - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Program Files (x86)\GameBox\gamebox_toolbar.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.9\iobitToolbarIE.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [KiesTrayAgent] D:\Program Files (x86)\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [vProt] C:\Program Files (x86)\GameBox\vprot.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesPDLR] D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: StartupCPU.lnk = Simoryn\AppData\Roaming\FAH\CPU\StartupCPU.exe
O4 - Startup: StartupGPU.lnk = Simoryn\AppData\Roaming\FAH\GPU\StartupGPU.exe
O4 - Startup: VersionCheck.lnk = Simoryn\AppData\Roaming\FAH\VersionCheck.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: Add to AMV Converter... - D:\Program Files (x86)\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Program Files (x86)\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: gameboxchrome - {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - C:\Program Files (x86)\GameBox\gamebox_toolbar.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate1ca67028f3a3192) (gupdate1ca67028f3a3192) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - D:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17002 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"C:\Windows\WindowsMobile\wmdc.exe"
"taskhost.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\svchost.exe -k Akamai
taskeng.exe {95F2A408-61A0-497D-AC85-2E36FB39763C}
taskeng.exe {6C26E894-794C-4109-95CA-C9FA99454DF2}
"C:\Program Files (x86)\GameBox\vprot.exe"
"D:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe"
"C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/Simoryn/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Windows\Samsung\PanelMgr\SSMMgr.exe" /autorun
"C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"D:\Program Files (x86)\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"D:\Program Files (x86)\IObit\Game Booster 3\FPSClient.exe"
C:\Windows\Samsung\PanelMgr\caller64.exe Samsung PanelMgr
C:\Windows\System32\svchost.exe -k ipripsvc
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k iissvcs
"c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2788
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
C:\Windows\system32\wbem\WmiApSrv.exe
HydraDM64.exe -h:135838 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\mobsync.exe -Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6552.1.2141977842\395158805" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6552.2.201580913\1892980360" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6552.3.1322059454\1540241629" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6552.4.1118117148\571730704" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="6552.5.855179078\998949233" /prefetch:3
"C:\Users\Simoryn\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6552.7.686477699\1603157783" /prefetch:3

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
C:\Windows\tasks\PC Health Advisor Defrag.job
C:\Windows\tasks\PC Health Advisor.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Simoryn\AppData\Roaming\Mozilla\Firefox\Profiles\cgd2lkb5.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://gbt.toolbarhome.com/?hp=df"
prefs.js - "extensions.enabledItems" - "battlefieldheroespatcher@ea.com:4.0.36.0, {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1, {800b5000-a755-47e1-992b-48a1c1357f07}:2, radiobar@toolbar:1.0.0, battlefieldplay4free@ea.com:1.0.53.2, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, DTToolbar@toolbarnet.com:1.1.7.0190, support@predictad.com:1.11, {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.6, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, gamebox@toolbar:1.0.0, iobit@mybrowserbar.com:4.6, wtxpcom@mybrowserbar.com:4.6, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =382950&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=D:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.0]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
npnul32.dll
nppdf32.dll
nsIDivxPlayerPlugin.xpt
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
adaradar.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Simoryn\AppData\Roaming\Mozilla\Firefox\Profiles\cgd2lkb5.default\extensions\
battlefieldheroespatcher@ea.com
battlefieldplay4free@ea.com
DTToolbar@toolbarnet.com
gamebox@toolbar
radiobar@toolbar
support@predictad.com
{687578b9-7132-4a7a-80e4-30ee31099e03}
{75656794-AB59-4712-BFBC-5D816D56F3BC}

C:\Users\Simoryn\AppData\Roaming\Mozilla\Firefox\Profiles\cgd2lkb5.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-07-03 1387952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-04 545264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-04 193520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.9\iobitToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll [2010-08-29 97760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF}]
GameBox Toolbar - C:\Program Files (x86)\GameBox\gamebox_toolbar.dll [2011-05-14 790104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-04-26 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-04-26 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files (x86)\WebScout Toolbar\tbcore3.dll [2010-02-16 2495488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-01-20 1581376]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-07-03 1387952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - WebScout Toolbar - C:\Program Files (x86)\WebScout Toolbar\tbcore3.dll [2010-02-16 2495488]
{0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - GameBox Toolbar - C:\Program Files (x86)\GameBox\gamebox_toolbar.dll [2011-05-14 790104]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.9\iobitToolbarIE.dll [2011-12-13 1071456]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-05-11 880496]
"vProt"=C:\Program Files (x86)\GameBox\vprot.exe [2011-05-14 123480]
"Akamai NetSession Interface"=C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe [2012-05-26 4327744]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"KiesPDLR"=D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-06-08 21432]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2011-10-16 393216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2008-09-03 536576]
"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2011-02-01 232104]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-09-13 4958320]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
""= []
"KiesTrayAgent"=D:\Program Files (x86)\Kies\KiesTrayAgent.exe [2012-06-08 3521464]
"TaskTray"= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-06-27 1996200]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-06-11 641704]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04 843712]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-07-03 4273976]

C:\Users\Simoryn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
StartupCPU.lnk - C:\Users\Simoryn\AppData\Roaming\FAH\CPU\StartupCPU.exe
StartupGPU.lnk - C:\Users\Simoryn\AppData\Roaming\FAH\GPU\StartupGPU.exe
VersionCheck.lnk - C:\Users\Simoryn\AppData\Roaming\FAH\VersionCheck.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-08-10 16:07:23 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-08-10 16:07:23 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-08-10 16:07:17 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2012-08-10 16:07:14 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-08-10 16:07:12 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-08-10 16:07:10 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-08-10 16:07:09 ----A---- C:\Windows\system32\aswBoot.exe
2012-08-10 16:06:47 ----A---- C:\Windows\avastSS.scr
2012-08-10 16:06:46 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-08-10 16:06:38 ----D---- C:\ProgramData\AVAST Software
2012-08-10 16:06:38 ----D---- C:\Program Files\AVAST Software
2012-08-10 15:14:53 ----D---- C:\rsit
2012-08-10 15:14:53 ----D---- C:\Program Files\trend micro
2012-08-10 15:09:26 ----A---- C:\Users\Simoryn\AppData\Roaming\svchost.exe
2012-08-10 13:43:20 ----D---- C:\Users\Simoryn\AppData\Roaming\Malwarebytes
2012-08-10 13:43:10 ----D---- C:\ProgramData\Malwarebytes
2012-08-10 13:43:09 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-10 13:43:09 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-08-10 13:37:58 ----D---- C:\Users\Simoryn\AppData\Roaming\BSplayer
2012-08-10 10:50:25 ----D---- C:\Program Files\WinRAR
2012-08-10 00:09:38 ----D---- C:\Program Files (x86)\FileHippo.com
2012-08-10 00:07:45 ----D---- C:\Program Files\Defraggler
2012-08-09 23:57:55 ----D---- C:\Program Files\CCleaner
2012-08-08 17:04:23 ----A---- C:\Users\Simoryn\AppData\Roaming\GPU MeterV2_Settings.ini
2012-08-08 16:57:46 ----A---- C:\Users\Simoryn\AppData\Roaming\Drives Meter_Settings.ini
2012-08-08 02:41:19 ----A---- C:\Windows\system32\win32k.sys
2012-08-07 23:40:34 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-08-07 23:40:34 ----A---- C:\Windows\system32\msxml6.dll
2012-08-07 23:40:34 ----A---- C:\Windows\system32\msxml3.dll
2012-08-07 23:40:33 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-08-07 23:40:33 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-08-07 23:40:33 ----A---- C:\Windows\system32\msxml3r.dll
2012-08-07 23:40:28 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-07 23:40:28 ----A---- C:\Windows\system32\jscript.dll
2012-08-07 23:40:22 ----A---- C:\Windows\system32\shell32.dll
2012-08-07 23:40:19 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-08-07 23:40:08 ----A---- C:\Windows\system32\ieframe.dll
2012-08-07 23:40:05 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-08-07 23:40:01 ----A---- C:\Windows\system32\mshtml.dll
2012-08-07 23:39:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-08-07 23:39:57 ----A---- C:\Windows\system32\msfeeds.dll
2012-08-07 23:39:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-08-07 23:39:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-08-07 23:39:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-08-07 23:39:55 ----A---- C:\Windows\system32\mshtmled.dll
2012-08-07 23:39:55 ----A---- C:\Windows\system32\iertutil.dll
2012-08-07 23:39:54 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-08-07 23:39:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-08-07 23:39:54 ----A---- C:\Windows\system32\wininet.dll
2012-08-07 23:39:54 ----A---- C:\Windows\system32\urlmon.dll
2012-08-07 23:39:53 ----A---- C:\Windows\SYSWOW64\url.dll
2012-08-07 23:39:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-08-07 23:39:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-08-07 23:39:53 ----A---- C:\Windows\system32\url.dll
2012-08-07 23:39:53 ----A---- C:\Windows\system32\jsproxy.dll
2012-08-07 23:39:53 ----A---- C:\Windows\system32\ieui.dll
2012-08-07 23:39:22 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-08-07 23:39:22 ----A---- C:\Windows\system32\rdpwsx.dll
2012-08-07 23:39:22 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-08-07 23:39:20 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-08-07 23:39:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-08-07 23:39:20 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-08-07 23:39:20 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-08-07 23:39:20 ----A---- C:\Windows\system32\schannel.dll
2012-08-07 23:39:20 ----A---- C:\Windows\system32\ncrypt.dll
2012-08-07 23:39:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-08-07 23:39:20 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-08-07 23:39:20 ----A---- C:\Windows\system32\drivers\cng.sys
2012-08-07 23:39:03 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-08-07 23:39:03 ----A---- C:\Windows\system32\cdosys.dll
2012-08-07 23:38:59 ----A---- C:\Windows\system32\profsvc.dll
2012-08-07 23:38:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-08-07 23:38:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-08-07 23:38:55 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-08-07 23:38:53 ----A---- C:\Windows\system32\rdpcorets.dll
2012-08-07 23:38:53 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-08-07 23:38:51 ----A---- C:\Windows\system32\msi.dll
2012-08-07 23:38:50 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-08-07 23:38:43 ----A---- C:\Windows\system32\crypt32.dll
2012-08-07 23:38:42 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-08-07 23:38:42 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-08-07 23:38:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-08-07 23:38:42 ----A---- C:\Windows\system32\cryptsvc.dll
2012-08-07 23:38:42 ----A---- C:\Windows\system32\cryptnet.dll
2012-08-07 23:15:38 ----A---- C:\Windows\system32\wups2.dll
2012-08-07 23:15:38 ----A---- C:\Windows\system32\wucltux.dll
2012-08-07 23:15:38 ----A---- C:\Windows\system32\wuaueng.dll
2012-08-07 23:15:38 ----A---- C:\Windows\system32\wuauclt.exe
2012-08-07 23:15:18 ----A---- C:\Windows\system32\wups.dll
2012-08-07 23:15:18 ----A---- C:\Windows\system32\wudriver.dll
2012-08-07 23:15:18 ----A---- C:\Windows\system32\wuapi.dll
2012-08-07 23:14:58 ----A---- C:\Windows\system32\wuwebv.dll
2012-08-07 23:14:58 ----A---- C:\Windows\system32\wuapp.exe
2012-08-07 16:44:22 ----D---- C:\Crash
2012-08-06 02:24:39 ----A---- C:\Windows\SYSWOW64\cbb43ac365.exe
2012-08-06 02:24:37 ----A---- C:\Windows\SYSWOW64\e7d2a35bda.exe
2012-08-04 23:57:58 ----D---- C:\Users\Simoryn\AppData\Roaming\TS3Client
2012-08-04 19:45:45 ----A---- C:\Windows\system32\npDeployJava1.dll
2012-08-04 19:45:45 ----A---- C:\Windows\system32\javaws.exe
2012-08-04 19:45:37 ----A---- C:\Windows\system32\javaw.exe
2012-08-04 19:45:37 ----A---- C:\Windows\system32\java.exe
2012-08-04 19:45:33 ----D---- C:\Program Files\Java
2012-08-04 15:51:37 ----D---- C:\ProgramData\Creative Labs
2012-08-04 09:17:02 ----D---- C:\Users\Simoryn\AppData\Roaming\InstallShield Installation Information
2012-08-04 02:14:22 ----D---- C:\Users\Simoryn\AppData\Roaming\bizarre creations
2012-08-03 14:01:47 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-07-31 12:56:55 ----D---- C:\Users\Simoryn\AppData\Roaming\.minecraft
2012-07-25 19:13:26 ----D---- C:\Program Files (x86)\ASUS
2012-07-25 19:13:26 ----A---- C:\Windows\SYSWOW64\drivers\AsIO.sys
2012-07-25 19:13:26 ----A---- C:\Windows\SYSWOW64\AsIO.dll
2012-07-22 23:27:24 ----N---- C:\Windows\SYSWOW64\Sens_oal.dll
2012-07-22 23:27:23 ----N---- C:\Windows\system32\Sens_oal.dll
2012-07-22 23:25:53 ----A---- C:\Windows\system32\xfisk.ini
2012-07-22 23:25:53 ----A---- C:\Windows\system32\ctzapxx.ini
2012-07-22 23:25:48 ----D---- C:\Program Files\Creative
2012-07-22 23:25:48 ----A---- C:\Windows\SYSWOW64\CTAPO32.dll
2012-07-22 23:25:48 ----A---- C:\Windows\skSPcfg.ini
2012-07-22 23:25:48 ----A---- C:\Windows\skMCcfg.ini
2012-07-22 23:25:47 ----A---- C:\Windows\SYSWOW64\CmdRtr.DLL
2012-07-22 23:25:47 ----A---- C:\Windows\SYSWOW64\APOMngr.DLL
2012-07-22 23:25:47 ----A---- C:\Windows\system32\CmdRtr64.DLL
2012-07-22 23:25:47 ----A---- C:\Windows\system32\APOMgr64.DLL
2012-07-22 23:25:43 ----D---- C:\Program Files (x86)\Creative
2012-07-16 14:15:45 ----D---- C:\Users\Simoryn\AppData\Roaming\AtomZombieData
2012-07-15 12:01:52 ----D---- C:\ProgramData\ATI
2012-07-15 12:01:48 ----D---- C:\Program Files (x86)\AMD APP
2012-07-14 20:59:46 ----D---- C:\Users\Simoryn\AppData\Roaming\Mirillis
2012-07-14 20:59:46 ----D---- C:\ProgramData\Mirillis

======List of files/folders modified in the last 1 month======

2012-08-10 16:16:31 ----D---- C:\Users\Simoryn\AppData\Roaming\uTorrent
2012-08-10 16:16:19 ----D---- C:\Windows\Temp
2012-08-10 16:16:09 ----D---- C:\Users\Simoryn\AppData\Roaming\Skype
2012-08-10 16:09:42 ----AHD---- C:\ProgramData
2012-08-10 16:07:23 ----D---- C:\Windows\system32\drivers
2012-08-10 16:07:10 ----D---- C:\Windows\system32\Tasks
2012-08-10 16:07:09 ----D---- C:\Windows\System32
2012-08-10 16:07:07 ----SHD---- C:\Windows\Installer
2012-08-10 16:07:07 ----SHD---- C:\Config.Msi
2012-08-10 16:06:47 ----D---- C:\Windows
2012-08-10 16:06:46 ----D---- C:\Windows\SysWOW64
2012-08-10 16:06:38 ----RD---- C:\Program Files
2012-08-10 16:06:35 ----SHD---- C:\System Volume Information
2012-08-10 16:01:26 ----D---- C:\Windows\system32\DriverStore
2012-08-10 16:01:26 ----D---- C:\Windows\system32\catroot
2012-08-10 16:01:25 ----D---- C:\Windows\inf
2012-08-10 15:10:01 ----D---- C:\Windows\Prefetch
2012-08-10 15:05:05 ----D---- C:\Program Files (x86)\TNod User & Password Finder
2012-08-10 13:43:09 ----RD---- C:\Program Files (x86)
2012-08-10 13:42:52 ----D---- C:\ProgramData\Adobe
2012-08-10 13:38:27 ----D---- C:\Program Files (x86)\Webteh
2012-08-10 13:14:53 ----D---- C:\ProgramData\Origin
2012-08-10 13:14:53 ----D---- C:\ProgramData\Electronic Arts
2012-08-10 12:58:59 ----D---- C:\Users\Simoryn\AppData\Roaming\Origin
2012-08-10 11:28:07 ----D---- C:\Windows\system32\config
2012-08-10 11:18:01 ----D---- C:\Windows\winsxs
2012-08-10 11:16:51 ----D---- C:\Program Files (x86)\Common Files
2012-08-10 11:16:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-10 11:03:49 ----D---- C:\Users\Simoryn\AppData\Roaming\vlc
2012-08-10 10:52:08 ----D---- C:\ProgramData\Skype
2012-08-10 10:52:03 ----RD---- C:\Program Files (x86)\Skype
2012-08-10 00:02:45 ----D---- C:\Users\Simoryn\AppData\Roaming\Media Player Classic
2012-08-10 00:02:45 ----D---- C:\Users\Simoryn\AppData\Roaming\DAEMON Tools Pro
2012-08-10 00:02:45 ----D---- C:\Users\Simoryn\AppData\Roaming\DAEMON Tools Lite
2012-08-09 10:30:46 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-08-08 19:34:59 ----D---- C:\ProgramData\Tunngle
2012-08-08 17:05:55 ----D---- C:\Windows\system32\wbem
2012-08-08 16:50:33 ----D---- C:\Windows\system32\catroot2
2012-08-08 11:45:36 ----D---- C:\Program Files (x86)\AMD
2012-08-08 11:44:35 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-08-08 10:31:29 ----D---- C:\Windows\rescache
2012-08-08 09:52:07 ----RSD---- C:\Windows\assembly
2012-08-08 09:52:07 ----D---- C:\Windows\Microsoft.NET
2012-08-08 09:36:41 ----D---- C:\Windows\SYSWOW64\migration
2012-08-08 09:36:41 ----D---- C:\Windows\system32\migration
2012-08-08 09:36:41 ----D---- C:\Program Files (x86)\Internet Explorer
2012-08-08 09:36:40 ----D---- C:\Program Files\Internet Explorer
2012-08-08 09:36:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-08-08 09:36:37 ----D---- C:\Windows\system32\cs-CZ
2012-08-08 02:37:03 ----D---- C:\ProgramData\Microsoft Help
2012-08-07 23:14:53 ----D---- C:\Windows\Logs
2012-08-04 19:45:34 ----A---- C:\Windows\system32\deployJava1.dll
2012-08-04 12:12:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-04 07:55:26 ----D---- C:\Windows\system32\wdi
2012-08-04 07:41:46 ----D---- C:\Users\Simoryn\AppData\Roaming\Tunngle
2012-08-04 04:19:58 ----A---- C:\Users\Simoryn\AppData\Roaming\All CPU Meter_Settings.ini
2012-08-03 15:01:48 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-08-01 12:58:50 ----D---- C:\Windows\SYSWOW64\directx
2012-07-25 19:28:18 ----D---- C:\Program Files (x86)\totalcmd
2012-07-25 19:13:26 ----D---- C:\Windows\SYSWOW64\drivers
2012-07-22 23:39:56 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2012-07-22 23:39:56 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2012-07-22 23:39:56 ----A---- C:\Windows\system32\wrap_oal.dll
2012-07-22 23:39:56 ----A---- C:\Windows\system32\OpenAL32.dll
2012-07-15 12:01:17 ----D---- C:\Program Files\ATI Technologies

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-11 530488]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-07-03 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-07-03 958400]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-07-03 355856]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-07-03 59728]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-24 279616]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-07-03 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-12-01 314016]
R2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-06-09 53816]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-12-01 43680]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-01-15 14112]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-10 11576]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2011-07-06 367976]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-04-12 708200]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-09-07 2173552]
S2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-02-24 99384]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-13 21712]
S3 dump_wmimmc;dump_wmimmc; \??\D:\Program Files (x86)\Aeria games\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Classic\safedrv.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-02 4682]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 203320]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe [2008-05-12 611664]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-06-11 239616]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-07-03 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-01-27 286720]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
R2 iprip;@%Systemroot%\system32\iprip.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-08-08 76888]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-09-07 27760]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-06-11 361984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate1ca67028f3a3192;Služba Google Update (gupdate1ca67028f3a3192); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-11-16 133104]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-04-05 8704]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-07-22 79360]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-07-02 1432400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-11-16 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2009-11-12 3403420]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-08-04 529232]
S3 TunngleService;TunngleService; D:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-14 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#4 Příspěvek od **vyosek** » 10 srp 2012 15:32

Odinstalujte vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich
motji píše: Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill SCR:
http://download.bleepingcomputer.com/grinler/rkill.scr

Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukoncete vsechny programy
Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Pockejte na dokonceni PreScanu
Zvolte moznost Prohledat (scan)
Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

Jackal · #5 Příspěvek od **Jackal** » 10 srp 2012 15:38

Rkill 2.0.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/10/2012 04:37:11 PM in x64 mode.
Windows Version: Windows 7

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Windows\Samsung\PanelMgr\SSMMgr.exe (PID: 2804) [WD-HEUR]
* C:\Windows\Samsung\PanelMgr\caller64.exe (PID: 3760) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Simoryn\Desktop\rkill-backup\rkill-08-10-2012-04-37-17.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* No issues found.

Restarting Explorer.exe in order to apply changes.

Program finished at: 08/10/2012 04:37:27 PM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)

#6 Příspěvek od **vyosek** » 10 srp 2012 15:42

Super, hura na RogueKiller

Jackal · #7 Příspěvek od **Jackal** » 10 srp 2012 15:43

RogueKiller V7.6.5 [08/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v: Normální režim
Uživatel: Simoryn [Práva správce]
Mód: Kontrola -- Datum: 08/10/2012 16:42:57

¤¤¤ Škodlivé procesy: 1 ¤¤¤
[SUSP PATH] visicom_antiphishing.exe -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe -> KILLED [TermProc]

¤¤¤ Záznamy Registrů: 10 ¤¤¤
[SUSP PATH] HKLM\[...]\Wow6432Node\Run : Anti-phishing Domain Advisor ("C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe") -> FOUND
[SUSP PATH] {8230A155-C8A6-49B1-93EA-C327CEEFF2A6}.job @ : C:\Users\Simoryn\Desktop\WillowTree# 2.1\WillowTree#.exe -> FOUND
[SUSP PATH] StartupCPU.lnk @Simoryn : C:\Users\Simoryn\AppData\Roaming\FAH\CPU\StartupCPU.exe -> FOUND
[SUSP PATH] StartupGPU.lnk @Simoryn : C:\Users\Simoryn\AppData\Roaming\FAH\GPU\StartupGPU.exe -> FOUND
[SUSP PATH] VersionCheck.lnk @Simoryn : C:\Users\Simoryn\AppData\Roaming\FAH\VersionCheck.exe -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD6400AAKS-00A7B2 ATA Device +++++
--- User ---
[MBR] 2061f0e34faeb5e234f5c7c9526b45cd
[BSP] 46e47d8d76e6e2e1d61d77203a2ac146 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 110378 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 226260992 | Size: 499999 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt

#8 Příspěvek od **vyosek** » 10 srp 2012 15:51

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Jackal · #9 Příspěvek od **Jackal** » 10 srp 2012 16:16

ComboFix 12-08-09.01 - Simoryn 10.08.2012 16:57:14.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2107 [GMT 2:00]
Spuštěný z: c:\users\Simoryn\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\AutocompletePro
c:\program files (x86)\AutocompletePro\AutocompletePro.dll
c:\program files (x86)\AutocompletePro\FireFoxExtension.exe
c:\program files (x86)\AutocompletePro\chrome\autocompleteprochrome.crx
c:\program files (x86)\AutocompletePro\InstTracker.exe
c:\program files (x86)\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome.manifest
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.js
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.xul
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\utils.js
c:\program files (x86)\AutocompletePro\support@predictad.com\install.rdf
c:\program files (x86)\AutocompletePro\unins000.dat
c:\program files (x86)\AutocompletePro\unins000.exe
c:\program files (x86)\WebScout Toolbar\tbHElper.dll
c:\programdata\CB638D8EAA.sys
c:\users\Simoryn\AppData\Local\assembly\tmp
c:\users\Simoryn\AppData\Local\libcurl-4.dll
c:\users\Simoryn\AppData\Local\operaprefs.ini
c:\users\Simoryn\AppData\Local\pthreadGC2.dll
c:\users\Simoryn\AppData\Local\svchost.exe
c:\users\Simoryn\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
c:\users\Simoryn\AppData\Roaming\.#
c:\users\Simoryn\AppData\Roaming\.#\MBX@E74@1FB29A8.###
c:\users\Simoryn\AppData\Roaming\.#\MBX@E74@1FB29D8.###
c:\users\Simoryn\AppData\Roaming\.#\MBX@E74@1FB2A08.###
c:\users\Simoryn\AppData\Roaming\.#\MBX@EF0@3B29A8.###
c:\users\Simoryn\AppData\Roaming\.#\MBX@EF0@3B29D8.###
c:\users\Simoryn\AppData\Roaming\.#\MBX@EF0@3B2A08.###
c:\users\Simoryn\AppData\Roaming\Love
c:\users\Simoryn\AppData\Roaming\Love\TSW\data.lua
c:\users\Simoryn\AppData\Roaming\nvtray.exe
c:\users\Simoryn\AppData\Roaming\svchost.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\cbb43ac365.exe
c:\windows\SysWow64\e7d2a35bda.exe
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\tmp8101.tmp
c:\windows\SysWow64\tmp8121.tmp
c:\windows\SysWow64\tmp8C1F.tmp
c:\windows\SysWow64\tmp8C7E.tmp
c:\windows\SysWow64\tmpC4D4.tmp
c:\windows\SysWow64\tmpC4D5.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-10 do 2012-08-10 )))))))))))))))))))))))))))))))
.
.
2012-08-10 14:07 . 2012-07-03 16:21 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-10 14:07 . 2012-07-03 16:21 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-10 14:07 . 2012-07-03 16:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-10 14:07 . 2012-07-03 16:21 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-10 14:07 . 2012-07-03 16:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-10 14:07 . 2012-07-03 16:21 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-10 14:07 . 2012-07-03 16:21 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-10 14:06 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-08-10 14:06 . 2012-07-03 16:21 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-10 14:06 . 2012-08-10 14:06 -------- d-----w- c:\programdata\AVAST Software
2012-08-10 14:06 . 2012-08-10 14:06 -------- d-----w- c:\program files\AVAST Software
2012-08-10 13:14 . 2012-08-10 14:17 -------- d-----w- c:\program files\trend micro
2012-08-10 13:14 . 2012-08-10 13:15 -------- d-----w- C:\rsit
2012-08-10 11:43 . 2012-08-10 11:43 -------- d-----w- c:\users\Simoryn\AppData\Roaming\Malwarebytes
2012-08-10 11:43 . 2012-08-10 11:43 -------- d-----w- c:\programdata\Malwarebytes
2012-08-10 11:43 . 2012-08-10 11:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-10 11:43 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-10 11:37 . 2012-08-10 11:38 -------- d-----w- c:\users\Simoryn\AppData\Roaming\BSplayer
2012-08-10 11:14 . 2012-08-10 11:14 -------- d-----w- c:\users\Simoryn\AppData\Local\Origin
2012-08-10 09:16 . 2012-08-10 09:16 -------- d-----w- c:\program files (x86)\Common Files\Futuremark Shared
2012-08-10 08:50 . 2012-08-10 08:50 -------- d-----w- c:\program files\WinRAR
2012-08-09 22:09 . 2012-08-09 22:09 -------- d-----w- c:\program files (x86)\FileHippo.com
2012-08-09 22:07 . 2012-08-09 22:07 -------- d-----w- c:\program files\Defraggler
2012-08-09 21:57 . 2012-08-09 21:57 -------- d-----w- c:\program files\CCleaner
2012-08-08 15:05 . 2012-08-08 15:05 -------- d-----w- c:\windows\system32\wbem\Framework
2012-08-08 08:46 . 2012-08-10 11:40 -------- d-----w- c:\users\Simoryn\AppData\Local\SvchostViewer
2012-08-08 00:41 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-07 21:39 . 2012-04-20 05:42 735744 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-07 21:38 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-08-07 21:15 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-08-07 21:15 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-08-07 21:15 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-08-07 21:15 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-08-07 21:15 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-08-07 21:15 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-08-07 21:15 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-08-07 21:14 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-07 21:14 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-08-07 14:44 . 2012-08-07 14:44 -------- d-----w- C:\Crash
2012-08-07 12:01 . 2012-08-07 12:31 -------- d-----w- c:\users\Simoryn\AppData\Local\ArmA 2 OA
2012-08-04 21:57 . 2012-08-04 21:59 -------- d-----w- c:\users\Simoryn\AppData\Roaming\TS3Client
2012-08-04 17:45 . 2012-08-04 17:45 955888 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-04 17:45 . 2012-08-04 17:45 268784 ----a-w- c:\windows\system32\javaws.exe
2012-08-04 17:45 . 2012-08-04 17:45 189424 ----a-w- c:\windows\system32\javaw.exe
2012-08-04 17:45 . 2012-08-04 17:45 188912 ----a-w- c:\windows\system32\java.exe
2012-08-04 17:45 . 2012-08-04 17:45 -------- d-----w- c:\program files\Java
2012-08-04 13:51 . 2012-08-04 13:51 -------- d-----w- c:\programdata\Creative Labs
2012-08-04 07:17 . 2012-08-04 07:17 -------- d-----w- c:\users\Simoryn\AppData\Roaming\InstallShield Installation Information
2012-08-04 00:14 . 2012-08-04 00:14 -------- d-----w- c:\users\Simoryn\AppData\Roaming\bizarre creations
2012-08-03 12:01 . 2012-08-03 13:01 9827016 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-08-01 12:33 . 2012-08-01 12:33 -------- d-----w- c:\users\Simoryn\AppData\Local\FLT
2012-07-31 10:56 . 2012-08-10 09:41 -------- d-----w- c:\users\Simoryn\AppData\Roaming\.minecraft
2012-07-25 17:13 . 2012-07-25 17:13 -------- d-----w- c:\program files (x86)\ASUS
2012-07-25 17:13 . 2007-12-17 15:14 14392 ----a-w- c:\windows\SysWow64\drivers\AsIO.sys
2012-07-25 17:13 . 2006-01-10 14:50 24576 ----a-w- c:\windows\SysWow64\AsIO.dll
2012-07-22 21:27 . 2010-02-02 08:57 2902498 ------w- c:\windows\SysWow64\Sens_oal.dll
2012-07-22 21:27 . 2010-02-02 08:59 1940992 ------w- c:\windows\system32\Sens_oal.dll
2012-07-22 21:27 . 2012-07-22 21:27 -------- d-----w- c:\program files (x86)\Common Files\Creative Labs Shared
2012-07-22 14:09 . 2012-07-22 14:09 -------- d-----w- c:\users\Simoryn\AppData\Local\Skyrim NPC Editor
2012-07-16 12:15 . 2012-07-16 12:15 -------- d-----w- c:\users\Simoryn\AppData\Roaming\AtomZombieData
2012-07-15 10:01 . 2012-07-15 10:01 -------- d-----w- c:\programdata\ATI
2012-07-15 10:01 . 2012-07-15 10:01 -------- d-----w- c:\program files (x86)\AMD APP
2012-07-14 18:59 . 2012-07-14 18:59 -------- d-----w- c:\users\Simoryn\AppData\Roaming\Mirillis
2012-07-14 18:59 . 2012-07-14 18:59 -------- d-----w- c:\programdata\Mirillis
2012-07-14 18:59 . 2012-08-06 01:04 -------- d-----w- c:\users\Simoryn\AppData\Local\Mirillis
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-10 01:20 . 2012-08-10 01:20 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49D5B994-20C3-4480-A7AE-B3AAFE1C6CE8}\offreg.dll
2012-08-09 08:30 . 2009-11-29 18:52 283312 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-08-09 08:30 . 2009-11-27 14:54 283312 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-08-08 19:09 . 2009-11-27 14:54 283312 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-08-08 09:44 . 2009-11-27 14:53 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-08-04 17:45 . 2011-12-23 15:49 839152 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-03 13:01 . 2012-04-11 17:52 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-03 13:01 . 2011-06-03 18:06 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-22 21:39 . 2010-11-17 17:48 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-07-22 21:39 . 2010-11-17 17:43 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2012-07-22 21:39 . 2010-02-07 11:21 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2012-07-22 21:39 . 2009-11-14 08:09 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-07-03 01:19 . 2009-11-15 11:17 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-29 10:04 . 2012-08-07 21:16 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49D5B994-20C3-4480-A7AE-B3AAFE1C6CE8}\mpengine.dll
2012-06-21 08:37 . 2012-06-21 08:37 3166792 ------w- c:\windows\SysWow64\pbsvc.exe
2012-06-11 18:59 . 2012-06-11 18:59 10248192 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:35 . 2012-06-11 18:35 70144 ----a-w- c:\windows\system32\coinst_8.98.dll
2012-06-11 18:29 . 2012-06-11 18:29 24826368 ----a-w- c:\windows\system32\atio6axx.dll
2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-11 17:24 . 2011-10-22 09:51 924160 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-06-11 17:23 . 2011-05-14 13:07 1090560 ----a-w- c:\windows\system32\aticfx64.dll
2012-06-11 17:20 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19 . 2012-06-11 17:19 532992 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-11 17:19 . 2012-06-11 17:19 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-11 17:17 . 2012-06-11 17:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-06-11 17:17 . 2012-06-11 17:17 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-11 17:17 . 2012-06-11 17:17 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-06-11 17:16 . 2012-06-11 17:16 6301696 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-06-11 17:01 . 2009-07-13 21:59 6914560 ----a-w- c:\windows\system32\atidxx64.dll
2012-06-11 16:51 . 2012-06-11 16:51 4246528 ----a-w- c:\windows\system32\atiumd6a.dll
2012-06-11 16:45 . 2012-06-11 16:45 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-06-11 16:45 . 2011-10-22 09:51 5480448 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-06-11 16:45 . 2012-06-11 16:45 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-06-11 16:45 . 2012-06-11 16:45 15703040 ----a-w- c:\windows\system32\aticaldd64.dll
2012-06-11 16:43 . 2011-10-22 09:51 4729344 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-06-11 16:36 . 2012-06-11 16:36 6605824 ----a-w- c:\windows\system32\atiumd64.dll
2012-06-11 16:27 . 2011-10-22 09:51 539136 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-06-11 16:26 . 2012-06-11 16:26 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 367616 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25 . 2011-10-22 09:51 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2012-06-11 16:25 . 2012-06-11 16:25 42496 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-06-11 16:25 . 2012-06-11 16:25 45056 ----a-w- c:\windows\system32\atiu9p64.dll
2012-06-11 16:24 . 2011-10-22 09:51 32768 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-06-11 11:50 . 2012-06-11 11:50 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 11:50 . 2012-06-11 11:50 75264 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-06-11 11:50 . 2012-06-11 11:50 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-06-11 11:50 . 2012-06-11 11:50 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-06-11 11:50 . 2012-06-11 11:50 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-06-11 11:50 . 2012-06-11 11:50 16457728 ----a-w- c:\windows\system32\amdocl64.dll
2012-06-11 11:49 . 2012-06-11 11:49 13008896 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-06-02 05:45 . 2012-08-07 21:39 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:40 . 2012-08-07 21:39 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:34 . 2012-08-07 21:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 10:25 . 2009-11-14 08:32 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-29 07:38 . 2011-11-29 15:38 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-05-23 19:13 . 2012-05-23 19:13 2829 ----a-w- c:\windows\DIIUnin.pif
2012-05-23 19:13 . 2012-05-23 19:13 94208 ----a-w- c:\windows\DIIUnin.exe
2012-05-15 03:03 . 2012-08-07 21:39 981504 ----a-w- c:\windows\SysWow64\wininet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-05-11 880496]
"vProt"="c:\program files (x86)\GameBox\vprot.exe" [2011-05-14 123480]
"Akamai NetSession Interface"="c:\users\Simoryn\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"KiesPDLR"="d:\program files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-10-16 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-09-03 536576]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-01-31 232104]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-09-13 4958320]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"KiesTrayAgent"="d:\program files (x86)\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
.
c:\users\Simoryn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
StartupCPU.lnk - c:\users\Simoryn\AppData\Roaming\FAH\CPU\StartupCPU.exe [2011-5-17 35944]
StartupGPU.lnk - c:\users\Simoryn\AppData\Roaming\FAH\GPU\StartupGPU.exe [2011-5-17 35944]
VersionCheck.lnk - c:\users\Simoryn\AppData\Roaming\FAH\VersionCheck.exe [2011-5-1 45010]
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 245120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate1ca67028f3a3192;Služba Google Update (gupdate1ca67028f3a3192);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-16 133104]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-04-05 8704]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-07-22 79360]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-02-24 99384]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-13 21712]
R3 dump_wmimmc;dump_wmimmc;d:\program files (x86)\Aeria games\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-07-02 1432400]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Classic\safedrv.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-16 133104]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 203320]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;d:\program files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-14 1255736]
R3 wolf;wolf;d:\aeriagames\Wolfteam\Wolfteam\wolf64.sys [x]
R3 X6va003;X6va003;c:\users\Simoryn\AppData\Local\Temp\0032FB7.tmp [x]
R3 X6va007;X6va007;c:\users\Simoryn\AppData\Local\Temp\0078843.tmp [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-24 279616]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-06-11 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 iprip;Naslouchání RIP;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-01-15 14112]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-10 11576]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-09-07 27760]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-04-11 708200]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-09-07 2173552]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Simoryn\AppData\Local\Temp\tmp339D.tmp [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WINRING0_1_2_0
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 13:01]
.
2012-08-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-16 21:19]
.
2012-08-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-16 21:19]
.
2012-08-09 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-08-04 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-29 23:17]
.
2012-08-07 c:\windows\Tasks\PC Health Advisor Defrag.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-10-25 21:30]
.
2012-08-10 c:\windows\Tasks\PC Health Advisor.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-10-25 21:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://gbt.toolbarhome.com/?hp=df
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
IE: Add to AMV Converter... - d:\program files (x86)\MP3 Player Utilities 4.15\AMVConverter\grab.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Microsoft Office\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - d:\program files (x86)\MP3 Player Utilities 4.15\MediaManager\grab.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\Microsoft Office\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Simoryn\AppData\Roaming\Mozilla\Firefox\Profiles\cgd2lkb5.default\
FF - prefs.js: browser.search.selectedEngine - Web Search...
FF - prefs.js: browser.startup.homepage - hxxp://gbt.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-TaskTray - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-AutocompletePro3_is1 - c:\program files (x86)\AutocompletePro\unins000.exe
AddRemove-BSPlayer1 - c:\program files (x86)\Webteh\BSplayer\uninstall.exe
AddRemove-{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B} - c:\program files (x86)\InstallShield Installation Information\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinRing0_1_2_0]
"ImagePath"="\??\c:\users\Simoryn\AppData\Local\Temp\tmp339D.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\Simoryn\AppData\Local\Temp\0032FB7.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va007]
"ImagePath"="\??\c:\users\Simoryn\AppData\Local\Temp\0078843.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2564665505-837348782-2844028651-1000\Software\SecuROM\License information*]
"datasecu"=hex:57,80,a9,52,f5,24,2d,6d,31,e5,8d,ce,cb,29,7e,2d,55,02,e5,fb,0c,
59,a1,8f,be,9c,6d,fc,94,b6,a7,a8,70,4b,5e,62,75,f7,42,9b,54,9f,03,da,be,5b,\
"rkeysecu"=hex:0b,a0,4e,70,3b,3c,41,86,68,9d,a0,21,af,c3,7d,db
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
.
**************************************************************************
.
Celkový čas: 2012-08-10 17:14:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-10 15:14
.
Před spuštěním: Volných bajtů: 35 434 356 736
Po spuštění: Volných bajtů: 36 243 918 848
.
- - End Of File - - E3F5857DD2058E320BBED33221D95819

#10 Příspěvek od **vyosek** » 11 srp 2012 08:19

Poprosim o log z DDS

Stahnete DDS odsud http://download.bleepingcomputer.com/sUBs/Beta/dds.exe a ulozte na plochu
Spustte a kliknete na Start
Po chvili vyskoci log, ten rad uvidim

Jackal · #11 Příspěvek od **Jackal** » 11 srp 2012 12:02

DDS (Ver_2011-09-30.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
Run by Simoryn at 12:59:34 on 2012-08-11
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2016 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\GameBox\vprot.exe
C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Windows\system32\svchost.exe -k apphost
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
D:\Program Files (x86)\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\Samsung\PanelMgr\caller64.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\svchost.exe -k ipripsvc
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k secsvcs
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\DllHost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://gbt.toolbarhome.com/?hp=df
uProxyOverride = 127.0.0.1:9421;<local>
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
dURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
dURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: AC-Pro: {0FB6A909-6086-458F-BD92-1F8EE10042A0} -
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\WebScout Toolbar\tbcore3.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [vProt] C:\Program Files (x86)\GameBox\vprot.exe
uRun: [Akamai NetSession Interface] "C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [KiesPDLR] D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [KiesTrayAgent] D:\Program Files (x86)\Kies\KiesTrayAgent.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\Users\Simoryn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\StartupCPU.lnk - C:\Users\Simoryn\AppData\Roaming\FAH\CPU\StartupCPU.exe
StartupFolder: C:\Users\Simoryn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\StartupGPU.lnk - C:\Users\Simoryn\AppData\Roaming\FAH\GPU\StartupGPU.exe
StartupFolder: C:\Users\Simoryn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VersionCheck.lnk - C:\Users\Simoryn\AppData\Roaming\FAH\VersionCheck.exe
StartupFolder: C:\Users\Simoryn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to AMV Converter... - D:\Program Files (x86)\MP3 Player Utilities 4.15\AMVConverter\grab.html
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\Microsoft Office\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - D:\Program Files (x86)\MP3 Player Utilities 4.15\MediaManager\grab.html
IE: Od&eslat do aplikace OneNote - C:\PROGRA~1\Microsoft Office\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{578A6644-9691-485C-91A0-8A57263F8448} : DHCPNameServer = 7.254.254.254
TCP: Interfaces\{E769F7F1-3018-4EA6-B660-2924DEBCD303} : DHCPNameServer = 10.0.0.138
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: gameboxchrome - {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: gameboxchrome - {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Simoryn\AppData\Roaming\Mozilla\Firefox\Profiles\cgd2lkb5.default\
FF - prefs.js: browser.search.selectedEngine - Web Search...
FF - prefs.js: browser.startup.homepage - hxxp://gbt.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-2-24 8704]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-8-10 958400]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-8-10 355856]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-12-24 279616]
R2 aawservice;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe [2008-5-12 611664]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 27136]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-6-11 239616]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-8-10 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-8-10 71064]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-10 44808]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-6-27 2369960]
R2 iprip;Naslouchání RIP;C:\Windows\System32\svchost.exe -k ipripsvc [2009-7-14 27136]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2010-12-16 14112]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2009-11-30 11576]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2012-4-7 27760]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-5-14 46136]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2012-6-11 10248192]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2012-6-11 367616]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-7-1 708200]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2011-2-7 31232]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-4-13 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2012-4-7 2173552]
S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-6-11 361984]
S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
S2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-31 19232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate1ca67028f3a3192;Služba Google Update (gupdate1ca67028f3a3192);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-11-16 133104]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-11 250056]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-10-17 93712]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-7-22 79360]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-4-26 99384]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2012-4-13 21712]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-1-13 1432400]
S3 gupdatem;Služba Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-11-16 133104]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-6-7 20992]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-4-26 203320]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-7 59392]
S3 TunngleService;TunngleService;D:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-7-27 738152]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-14 1255736]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2012-08-10 15:08:35 -------- d-sh--w- C:\$RECYCLE.BIN
2012-08-10 14:55:10 98816 ----a-w- C:\Windows\sed.exe
2012-08-10 14:55:10 256000 ----a-w- C:\Windows\PEV.exe
2012-08-10 14:55:10 208896 ----a-w- C:\Windows\MBR.exe
2012-08-10 14:55:06 -------- d-----w- C:\ComboFix
2012-08-10 14:07:17 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-08-10 14:07:12 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-08-10 14:07:10 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-08-10 14:06:47 41224 ----a-w- C:\Windows\avastSS.scr
2012-08-10 14:06:38 -------- d-----w- C:\ProgramData\AVAST Software
2012-08-10 14:06:38 -------- d-----w- C:\Program Files\AVAST Software
2012-08-10 13:14:53 -------- d-----w- C:\Program Files\trend micro
2012-08-10 11:43:20 -------- d-----w- C:\Users\Simoryn\AppData\Roaming\Malwarebytes
2012-08-10 11:43:10 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-10 11:43:09 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-10 11:43:09 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-10 11:37:58 -------- d-----w- C:\Users\Simoryn\AppData\Roaming\BSplayer
2012-08-10 11:14:52 -------- d-----w- C:\Users\Simoryn\AppData\Local\Origin
2012-08-10 09:16:51 -------- d-----w- C:\Program Files (x86)\Common Files\Futuremark Shared
2012-08-10 01:20:30 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{49D5B994-20C3-4480-A7AE-B3AAFE1C6CE8}\offreg.dll
2012-08-09 22:09:38 -------- d-----w- C:\Program Files (x86)\FileHippo.com
2012-08-09 22:07:45 -------- d-----w- C:\Program Files\Defraggler
2012-08-09 21:57:55 -------- d-----w- C:\Program Files\CCleaner
2012-08-08 15:05:55 -------- d-----w- C:\Windows\System32\wbem\Framework\root\AddGadgets
2012-08-08 15:05:55 -------- d-----w- C:\Windows\System32\wbem\Framework\root
2012-08-08 15:05:55 -------- d-----w- C:\Windows\System32\wbem\Framework
2012-08-08 08:46:11 -------- d-----w- C:\Users\Simoryn\AppData\Local\SvchostViewer
2012-08-08 00:41:19 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-08-07 21:38:59 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-08-07 21:16:50 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{49D5B994-20C3-4480-A7AE-B3AAFE1C6CE8}\mpengine.dll
2012-08-07 21:15:38 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-08-07 21:15:18 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-08-07 21:14:58 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-08-07 21:14:58 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-08-07 14:44:22 -------- d-----w- C:\Crash
2012-08-07 12:01:15 -------- d-----w- C:\Users\Simoryn\AppData\Local\ArmA 2 OA
2012-08-04 21:57:58 -------- d-----w- C:\Users\Simoryn\AppData\Roaming\TS3Client
2012-08-04 17:45:45 955888 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-08-04 13:51:37 -------- d-----w- C:\ProgramData\Creative Labs
2012-08-03 12:01:47 9827016 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-08-01 12:33:07 -------- d-----w- C:\Users\Simoryn\AppData\Local\FLT
2012-07-31 10:56:55 -------- d-----w- C:\Users\Simoryn\AppData\Roaming\.minecraft
2012-07-25 17:13:26 24576 ----a-w- C:\Windows\SysWow64\AsIO.dll
2012-07-25 17:13:26 14392 ----a-w- C:\Windows\SysWow64\drivers\AsIO.sys
2012-07-25 17:13:26 -------- d-----w- C:\Program Files (x86)\ASUS
2012-07-22 21:27:24 2902498 ------w- C:\Windows\SysWow64\Sens_oal.dll
2012-07-22 21:27:23 1940992 ------w- C:\Windows\System32\Sens_oal.dll
2012-07-22 21:27:03 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2012-07-22 14:09:14 -------- d-----w- C:\Users\Simoryn\AppData\Local\Skyrim NPC Editor
2012-07-16 12:15:45 -------- d-----w- C:\Users\Simoryn\AppData\Roaming\AtomZombieData
2012-07-15 10:01:48 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-07-14 18:59:46 -------- d-----w- C:\Users\Simoryn\AppData\Roaming\Mirillis
2012-07-14 18:59:46 -------- d-----w- C:\ProgramData\Mirillis
2012-07-14 18:59:45 -------- d-----w- C:\Users\Simoryn\AppData\Local\Mirillis
.
==================== Find3M ====================
.
2012-08-09 08:30:46 283312 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-08-09 08:30:46 283312 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-08-08 19:09:37 283312 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-08-08 09:44:35 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-08-04 17:45:34 839152 ----a-w- C:\Windows\System32\deployJava1.dll
2012-08-03 13:01:48 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-03 13:01:48 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-22 21:39:56 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-07-22 21:39:56 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-07-22 21:39:56 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-07-22 21:39:56 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-06-21 08:37:14 3166792 ------w- C:\Windows\SysWow64\pbsvc.exe
2012-06-11 18:59:38 10248192 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-06-11 18:35:48 70144 ----a-w- C:\Windows\System32\coinst_8.98.dll
2012-06-11 18:29:34 24826368 ----a-w- C:\Windows\System32\atio6axx.dll
2012-06-11 18:00:32 20467712 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-06-11 17:25:06 163840 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-06-11 17:24:58 924160 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-06-11 17:23:12 1090560 ----a-w- C:\Windows\System32\aticfx64.dll
2012-06-11 17:20:02 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-06-11 17:19:58 532992 ----a-w- C:\Windows\System32\atieclxx.exe
2012-06-11 17:19:14 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-06-11 17:17:56 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-06-11 17:17:42 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-06-11 17:17:38 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-06-11 17:17:32 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-06-11 17:16:48 6301696 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-06-11 17:01:56 6914560 ----a-w- C:\Windows\System32\atidxx64.dll
2012-06-11 16:51:54 4246528 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-06-11 16:45:48 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-06-11 16:45:46 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-06-11 16:45:44 5480448 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-06-11 16:45:40 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-06-11 16:45:38 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-06-11 16:45:26 15703040 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-06-11 16:43:18 4729344 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-06-11 16:40:58 13277696 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-06-11 16:36:56 6605824 ----a-w- C:\Windows\System32\atiumd64.dll
2012-06-11 16:27:02 539136 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-06-11 16:26:52 368640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-06-11 16:26:40 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-06-11 16:26:36 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-06-11 16:26:36 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-06-11 16:26:30 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2012-06-11 16:26:22 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-06-11 16:26:14 367616 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-06-11 16:25:20 54784 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-06-11 16:25:12 42496 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-06-11 16:25:06 45056 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-06-11 16:24:58 32768 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-06-11 16:24:24 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-06-11 16:23:18 56320 ----a-w- C:\Windows\System32\atimpc64.dll
2012-06-11 16:23:18 56320 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-06-11 16:23:10 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-06-11 16:23:10 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-06-11 11:50:46 187392 ----a-w- C:\Windows\System32\clinfo.exe
2012-06-11 11:50:30 75264 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-06-11 11:50:24 65024 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-06-11 11:50:18 63488 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-06-11 11:50:14 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-06-11 11:50:06 16457728 ----a-w- C:\Windows\System32\amdocl64.dll
2012-06-11 11:49:22 13008896 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-31 10:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-05-29 07:38:50 330240 ----a-w- C:\Windows\MASetupCaller.dll
2012-05-23 19:13:25 2829 ----a-w- C:\Windows\DIIUnin.pif
2012-05-23 19:13:24 94208 ----a-w- C:\Windows\DIIUnin.exe
2012-05-15 04:01:31 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 03:03:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
.
============= FINISH: 13:01:58,59 ===============

#12 Příspěvek od **vyosek** » 11 srp 2012 12:31

Odinstalujte Lavasoft Ad-Aware

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

DirLook::
C:\Users\Simoryn\AppData\Local\SvchostViewer

Driver::
Akamai
gupdate
gupdatem
X6va003
X6va007

Collect::
c:\users\Simoryn\AppData\Local\Temp\0032FB7.tmp 
c:\users\Simoryn\AppData\Local\Temp\0078843.tmp

Folder::
C:\Program Files (x86)\DAEMON Tools Toolbar
C:\Users\Simoryn\AppData\Local\Akamai
c:\program files (x86)\common files\akamai

File::
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
C:\Windows\tasks\PC Health Advisor Defrag.job
C:\Windows\tasks\PC Health Advisor.job

DDS::
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
x64-Run: [Windows Mobile Device Center]
x64-Run: [Autodesk Sync]
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
mRun: [Adobe ARM] 
uRun: [uTorrent]
uRun: [vProt]
uRun: [Akamai NetSession Interface] "C:\Users\Simoryn\AppData\Local\Akamai\netsession_win.exe"
uRun: [DAEMON Tools Lite]
uRun: [Skype]
mRun: [Samsung PanelMgr] 
mRun: [DivXUpdate]
mRun: [SunJavaUpdateSched]
mRun: [LogMeIn Hamachi Ui] 
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
uStart Page = hxxp://gbt.toolbarhome.com/?hp=df
uProxyOverride = 127.0.0.1:9421;<local>
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
dURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
dURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: AC-Pro: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - 

Firefox::
FF - ProfilePath - c:\users\Simoryn\AppData\Roaming\Mozilla\Firefox\Profiles\cgd2lkb5.default\
FF - prefs.js: browser.search.selectedEngine - Web Search...
FF - prefs.js: browser.startup.homepage - hxxp://gbt.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =382950&p=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

NetSvc::
Akamai

RegNull::
[HKEY_USERS\S-1-5-21-2564665505-837348782-2844028651-1000\Software\SecuROM\License information*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Jackal · #13 Příspěvek od **Jackal** » 11 srp 2012 13:25

ComboFix 12-08-09.01 - Simoryn 11.08.2012 14:04:06.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2190 [GMT 2:00]
Spuštěný z: c:\users\Simoryn\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Simoryn\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\ParetoLogic Registration3.job"
"c:\windows\tasks\ParetoLogic Update Version3.job"
"c:\windows\tasks\PC Health Advisor Defrag.job"
"c:\windows\tasks\PC Health Advisor.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\common files\akamai
c:\program files (x86)\common files\akamai\appregistry.dat
c:\program files (x86)\common files\akamai\client.ini
c:\program files (x86)\common files\akamai\client.ini.json
c:\program files (x86)\common files\akamai\CplTasks.xml
c:\program files (x86)\common files\akamai\euc_state.json
c:\program files (x86)\common files\akamai\extraroot.pem
c:\program files (x86)\common files\akamai\guid.ini
c:\program files (x86)\common files\akamai\installer.txt
c:\program files (x86)\common files\akamai\installer_no_upload_silent.exe
c:\program files (x86)\common files\akamai\Languages\csy.dll
c:\program files (x86)\common files\akamai\Languages\dan.dll
c:\program files (x86)\common files\akamai\Languages\deu.dll
c:\program files (x86)\common files\akamai\Languages\esp.dll
c:\program files (x86)\common files\akamai\Languages\fin.dll
c:\program files (x86)\common files\akamai\Languages\fra.dll
c:\program files (x86)\common files\akamai\Languages\chs.dll
c:\program files (x86)\common files\akamai\Languages\cht.dll
c:\program files (x86)\common files\akamai\Languages\ita.dll
c:\program files (x86)\common files\akamai\Languages\jpn.dll
c:\program files (x86)\common files\akamai\Languages\kor.dll
c:\program files (x86)\common files\akamai\Languages\nld.dll
c:\program files (x86)\common files\akamai\Languages\nor.dll
c:\program files (x86)\common files\akamai\Languages\plk.dll
c:\program files (x86)\common files\akamai\Languages\ptb.dll
c:\program files (x86)\common files\akamai\Languages\ptg.dll
c:\program files (x86)\common files\akamai\Languages\rus.dll
c:\program files (x86)\common files\akamai\Languages\sve.dll
c:\program files (x86)\common files\akamai\Languages\trk.dll
c:\program files (x86)\common files\akamai\Logs\debug.log
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_135516.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_145517.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_155518.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_165518.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_170044.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_170700.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_180700.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_190701.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_200702.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_210702.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_220702.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_230704.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120804_232229.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_001901.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_002052.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_031022.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_041319.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_042313.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_042617.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_052617.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_054106.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_054334.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_064334.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_074334.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_084345.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_091948.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_114810.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_124811.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_134811.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_144812.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_154812.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_161254.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_180608.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_190608.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_200608.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_210609.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_220609.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120805_230609.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_000610.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_010557.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_064816.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_074816.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_084816.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_094817.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_104817.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_110251.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_112552.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_112859.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_122859.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_132900.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_142901.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_152902.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_162902.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_172903.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_182904.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_192905.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_202906.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120806_205830.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_082510.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_092511.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_102511.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_112512.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_122512.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_132513.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_134655.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_141602.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_151602.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_161603.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_171604.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_181604.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_191605.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_201606.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_211606.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_212510.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_212751.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_222751.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120807_232752.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_002752.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_004213.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_073907.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_083908.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_093909.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_103909.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_113909.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_120814.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_142327.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_144952.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_154952.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_164952.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_174953.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_184954.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_194954.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_204954.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_214954.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120808_223817.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_051642.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_061642.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_071642.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_081643.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_091643.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_101643.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_111644.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_142529.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_152530.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_162530.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_172530.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_182531.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_192531.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_202531.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_212531.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_222532.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120809_232532.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_002533.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_012534.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_022535.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_032535.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_042536.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_052537.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_062538.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_072538.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_082538.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_092539.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_102539.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_112413.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_112659.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_122659.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_130545.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_130756.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_140758.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_141201.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_141451.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_145514.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_150610.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_150827.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_160827.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_170828.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_180828.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_190829.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_200829.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_210829.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120810_214058.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_032400.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_042401.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_052401.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_062402.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_072403.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_075747.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_102102.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_103241.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_105443.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_115017.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_115605.sent
c:\program files (x86)\common files\akamai\Logs\debug.log.120811_120200.sent
c:\program files (x86)\common files\akamai\netsession_win_4f7fccd.dll
c:\program files (x86)\common files\akamai\readme.txt
c:\program files (x86)\common files\akamai\root.pem
c:\program files (x86)\common files\akamai\rswinui.exe
c:\program files (x86)\common files\akamai\stubgraded
c:\program files (x86)\common files\akamai\uninstall.exe
c:\program files (x86)\DAEMON Tools Toolbar
c:\program files (x86)\DAEMON Tools Toolbar\_DTLite.xml
c:\program files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
c:\program files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
c:\program files (x86)\DAEMON Tools Toolbar\Resources\about.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\AboutWindow.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\accept.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ARA.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\as.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\as.png
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_audio.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_buy.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_download.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_feedback.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_forum.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_home.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_lite.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astroburn_site.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astroLite_16.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\az.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\AZE.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\b1.png
c:\program files (x86)\DAEMON Tools Toolbar\Resources\burn_files.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\burn_image.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\burn_imgs.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\BurnImage.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\buy.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\cal.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Config.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\d.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\d2.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\daemon_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\daemon_search_site.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\DEU.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dot_disabled.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dot_enabled.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dot_on_over.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\download.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ds.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dsearch.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt-home.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_about.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_buy.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_download.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_faq.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_feedback.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_forum.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_line.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_lite.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_manual.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_pro.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\DTPro.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dtt16.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dtt32.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Dwnl.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\emulation.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ENG.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\faq.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\favicon.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\fb.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\features.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\feedback.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\forum.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\FRA.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrix.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixCristals.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixDownload.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixPlayOnline.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixTop.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameS.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\games_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\games_search_SA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameSA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\gct16.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\gd.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\genre.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\globe.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GrabImage.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\hb.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\hb.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\help.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\hide.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\home.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\CHS.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\CHT.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\image_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\image_search_SA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ImageS.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ImageSA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ip.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ITA.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\JPN.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\KOR.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\lang.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\lingvo.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\m.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_disable.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\manual.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\map.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuTr.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mount.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mount_n_drive.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\none.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\none_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\op.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\pragma.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prod.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Radio.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioBg.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioBg.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioE.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioG.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioL.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLM.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioM.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioN.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioR.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioR.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioRM.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioRU.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioW.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rbcheck.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rbtxt.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Rss.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Rss1.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RssA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RssA1.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rssClose.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rssL.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rssOpen.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RssRefresh.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RUS.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\s2.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\show.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size_lr.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size_rl.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\skins.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\soft24.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\soft24_SA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\spt.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\style.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\SupportRequest.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\timer.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\TitleIcon.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\toolbar.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\trans.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\u.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\UKR.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\unmount-all.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_back.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_dott.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_mute.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_mute_check.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\web_resources.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\web_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\web_search_SA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\WebS.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\WebSa.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi0.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi1.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi10.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi11.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi12.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi13.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi14.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi2.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi3.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi4.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi5.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi6.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi7.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi8.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi9.ico
c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
c:\program files (x86)\DAEMON Tools Toolbar\YASU.exe
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\sitespanel.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\arrow_eng.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\arrow_heb.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\btn_bg.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\btn_bg_lite.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\20minutos.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\about.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\abv.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aktuality.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\alljobs.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\allocine.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\altervista.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\amazon.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\answers.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aol.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aolradio.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\apple.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ard.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\as.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\atlas.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\atlassk.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aufeminin.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\autobazar.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\autocz.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\azet.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bazos.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bbc.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bbc.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bigmir.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\billiger.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bing.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\blesk.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\btv.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\calcalist.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cas.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cdiscount.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\centrum.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ciao.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cnet.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cnn.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\commentcamarche.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\corriere.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\csfd.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\d.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dailymotion.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\data.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\deezer.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\default.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\delicious.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\depositfiles.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\deviantart.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\diary.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\digg.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dir.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\disney.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\diva.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dnevnik.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\doctissimo.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\donanimhaber.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ebay.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ebayanuncios.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ekolay.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\elmundo.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\elpais.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\eurosport.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\facebook.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\finance.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\firmy.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\flickr.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\flix.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\fotolog.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\fox.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\france2.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\free.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\garanti.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazeta.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazetevatan.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazzetta.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gbg.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gepime.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gismeteo.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gittigidiyor.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\globes.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gmail.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gmx.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\google.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\googleearth.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\googletranslate.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haaretz.gif
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haaretz.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haber7.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haberturk.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\hepsiburada.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\horadot.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\hurriyet.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\championat.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\chip.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\icq.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\idnes.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ilike.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ilmeteo.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\imageshack.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\imdb.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\impulse.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\infojobs.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\interfacelift.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\internethaber.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\iserialy.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\iua.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\izlesene.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jappy.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jeux.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jeuxvideo.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jing.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\joj.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\kijiji.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\kinopoisk.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\korrespondent.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lastfm.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\leboncoin.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lemonde.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lenta.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\leonardo.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lequipe.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\letitbit.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\libero.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\libimseti.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lide.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\linternaute.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\livejournal.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mailru.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mako.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mappy.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mapy.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\marca.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\marketgid.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\markiza.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\megavideo.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\meinvz.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mekusharim.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\meta.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\milanobakeca.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\milliyet.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mimibazar.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\minibazar.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mobilen.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\morfix.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mouse.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mymovies.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\myspace.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nana.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nana10.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\netgames.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\netlog.ico

Jackal · #14 Příspěvek od **Jackal** » 11 srp 2012 13:25

c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\novinky.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\novoteka.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nrg.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ntvmsnbc.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nytimes.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\odnoklassniki.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\one.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\orange.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\otto.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\pagesjaunes.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\peliculasyonkis.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\photobucket.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\picnik.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\pravda.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\profesia.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\prosieben.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\r10.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rapidshare.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rbc.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\repubblica.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rian.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rozetka.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rtl.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sabah.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sahibinden.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sat1.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\segundamano.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seriesyonkis.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seznam.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seznamemail.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sfr.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\shmu.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\schuelervz.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\skyrock.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\slsp.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sme.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\snimka.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\softonic.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\spiegel.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\splinder.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sport-express.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sport5.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportal.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportcz.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportes.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sporx.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stream.bmp
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stream.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\studivz.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\subito.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\supercz.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\superhry.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\svejo.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\t-online.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tapuz.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\taringa.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\telecinco.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\terra.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tf1.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\themarker.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tiscali.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\topky.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\torrents.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\travian.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\twitter.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ucoz.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ukr.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vbox7.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vesti.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vimeo.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\virgilio.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vkontakte.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vodafone.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\walla.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wallmart.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\walmart.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wamba.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wat.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\weather.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\web.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wer-kennt-wen.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wetter.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wikipedia.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wolframalpha.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\yad2.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\yahoo.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ynet.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\youtube.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\zamunda.bmp
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\zap.ico
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\menu.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\pin.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\pinc.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\powerd1.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\remove.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\reset.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\search_arrow.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\search_bg.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\unpin.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\blacklist.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_33.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_34.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_359.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_380.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_39.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_42.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_4201.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_49.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_7.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_90.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_972.xml
c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\voucher_list.xml
c:\program files (x86)\uTorrentControl2\prxtbuTor.dll
c:\users\Simoryn\AppData\Local\Akamai
c:\users\Simoryn\AppData\Local\Akamai\admintool.exe
c:\users\Simoryn\AppData\Local\Akamai\client.ini
c:\users\Simoryn\AppData\Local\Akamai\ControlPanel.exe
c:\users\Simoryn\AppData\Local\Akamai\CplTasks.xml
c:\users\Simoryn\AppData\Local\Akamai\euc_state.json
c:\users\Simoryn\AppData\Local\Akamai\extraroot.pem
c:\users\Simoryn\AppData\Local\Akamai\guid.ini
c:\users\Simoryn\AppData\Local\Akamai\installer.txt
c:\users\Simoryn\AppData\Local\Akamai\installer_no_upload_silent.exe
c:\users\Simoryn\AppData\Local\Akamai\Languages\csy.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\dan.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\deu.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\esp.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\fin.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\fra.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\chs.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\cht.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\ita.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\jpn.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\kor.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\nld.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\nor.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\plk.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\ptb.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\ptg.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\rus.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\sve.dll
c:\users\Simoryn\AppData\Local\Akamai\Languages\trk.dll
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120804_170459.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120805_001810.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120805_002009.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120805_030826.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120805_041124.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120805_042229.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120805_042509.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120805_054248.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120805_091907.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120805_114734.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120805_161228.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120805_180528.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120806_010523.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120806_064738.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120806_110231.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120806_112545.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120806_112837.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120806_205819.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120807_082433.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120807_134628.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120807_141542.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120807_212430.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120807_212823.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120808_000524.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120808_074006.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120808_120744.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120808_142254.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120808_144919.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120808_223753.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120809_051605.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120809_142454.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120810_112348.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120810_112628.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120810_130530.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120810_130714.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120810_141146.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120810_141347.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120810_150857.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120810_214046.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120811_032243.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120811_075737.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120811_102039.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120811_103232.upload
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120811_105421.upload
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon.debug.log.120811_115550.upload
c:\users\Simoryn\AppData\Local\Akamai\Logs\daemon1.debug.log
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_125512.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_135512.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_145513.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_155514.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_165514.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_170543.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_180544.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_190545.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_200545.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_210545.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_220546.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120804_230546.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_001900.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_002008.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_031002.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_041256.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_042228.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_042615.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_052616.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_054334.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_064334.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_074334.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_084345.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_091904.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_114810.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_124810.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_134811.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_144811.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_154812.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_161226.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_180606.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_190607.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_200608.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_210608.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_220608.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120805_230609.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_000609.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_010522.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_064815.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_074816.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_084817.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_094817.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_104818.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_110249.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_112544.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_112900.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_122900.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_132901.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_142901.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_152902.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_162902.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_172903.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_182904.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_192905.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_202905.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120806_205818.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_082510.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_092511.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_102511.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_112512.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_122512.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_132512.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_134626.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_141559.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_151559.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_161559.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_171600.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_181601.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_191601.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_201602.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_211602.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_212427.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_212830.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_222830.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120807_232831.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_000523.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_074025.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_084026.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_094027.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_104028.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_114028.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_120743.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_142327.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_144951.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_154952.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_164952.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_174952.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_184953.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_194953.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_204953.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_214954.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120808_223752.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_051641.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_061641.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_071642.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_081642.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_091642.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_101643.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_111644.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_142529.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_152529.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_162530.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_172531.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_182531.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_192532.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_202532.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_212533.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_222533.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120809_232534.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_002534.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_012535.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_022536.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_032537.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_042537.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_052538.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_062539.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_072539.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_082540.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_092540.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_102541.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_112347.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_112657.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_122657.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_130529.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_130755.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_140758.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_141145.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_141451.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_150933.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_160933.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_170933.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_180934.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_190934.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_200935.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_210935.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120810_214046.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120811_032359.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120811_042400.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120811_052400.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120811_062401.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120811_072401.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120811_075736.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120811_102059.sent
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120811_103231.upload
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120811_105441.upload
c:\users\Simoryn\AppData\Local\Akamai\Logs\debug.log.120811_115605.upload
c:\users\Simoryn\AppData\Local\Akamai\netsession_win.exe
c:\users\Simoryn\AppData\Local\Akamai\readme.txt
c:\users\Simoryn\AppData\Local\Akamai\root.pem
c:\users\Simoryn\AppData\Local\Akamai\rswinui.exe
c:\users\Simoryn\AppData\Local\Akamai\uninstall.exe
c:\users\Simoryn\AppData\Local\Akamai\user.dat
c:\users\Simoryn\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\ParetoLogic Registration3.job
c:\windows\tasks\ParetoLogic Update Version3.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_X6VA003
-------\Legacy_X6VA007
-------\Service_Akamai
-------\Service_gupdatem
-------\Service_X6va003
-------\Service_X6va007
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-11 do 2012-08-11 )))))))))))))))))))))))))))))))
.
.
2012-08-11 12:13 . 2012-08-11 12:13 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2012-08-10 14:07 . 2012-07-03 16:21 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-10 14:07 . 2012-07-03 16:21 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-10 14:07 . 2012-07-03 16:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-10 14:07 . 2012-07-03 16:21 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-10 14:07 . 2012-07-03 16:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-10 14:07 . 2012-07-03 16:21 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-10 14:07 . 2012-07-03 16:21 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-10 14:06 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-08-10 14:06 . 2012-07-03 16:21 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-10 14:06 . 2012-08-10 14:06 -------- d-----w- c:\programdata\AVAST Software
2012-08-10 14:06 . 2012-08-10 14:06 -------- d-----w- c:\program files\AVAST Software
2012-08-10 13:14 . 2012-08-10 14:17 -------- d-----w- c:\program files\trend micro
2012-08-10 13:14 . 2012-08-10 13:15 -------- d-----w- C:\rsit
2012-08-10 11:43 . 2012-08-10 11:43 -------- d-----w- c:\users\Simoryn\AppData\Roaming\Malwarebytes
2012-08-10 11:43 . 2012-08-10 11:43 -------- d-----w- c:\programdata\Malwarebytes
2012-08-10 11:43 . 2012-08-10 11:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-10 11:43 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-10 11:37 . 2012-08-10 11:38 -------- d-----w- c:\users\Simoryn\AppData\Roaming\BSplayer
2012-08-10 11:14 . 2012-08-11 11:32 -------- d-----w- c:\users\Simoryn\AppData\Local\Origin
2012-08-10 09:16 . 2012-08-10 09:16 -------- d-----w- c:\program files (x86)\Common Files\Futuremark Shared
2012-08-10 08:50 . 2012-08-10 08:50 -------- d-----w- c:\program files\WinRAR
2012-08-09 22:09 . 2012-08-09 22:09 -------- d-----w- c:\program files (x86)\FileHippo.com
2012-08-09 22:07 . 2012-08-09 22:07 -------- d-----w- c:\program files\Defraggler
2012-08-09 21:57 . 2012-08-09 21:57 -------- d-----w- c:\program files\CCleaner
2012-08-08 15:05 . 2012-08-08 15:05 -------- d-----w- c:\windows\system32\wbem\Framework
2012-08-08 08:46 . 2012-08-10 11:40 -------- d-----w- c:\users\Simoryn\AppData\Local\SvchostViewer
2012-08-08 00:41 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-07 21:39 . 2012-04-20 05:42 735744 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-07 21:38 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-08-07 21:15 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-08-07 21:15 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-08-07 21:15 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-08-07 21:15 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-08-07 21:15 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-08-07 21:15 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-08-07 21:15 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-08-07 21:14 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-07 21:14 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-08-07 14:44 . 2012-08-07 14:44 -------- d-----w- C:\Crash
2012-08-07 12:01 . 2012-08-07 12:31 -------- d-----w- c:\users\Simoryn\AppData\Local\ArmA 2 OA
2012-08-04 21:57 . 2012-08-04 21:59 -------- d-----w- c:\users\Simoryn\AppData\Roaming\TS3Client
2012-08-04 17:45 . 2012-08-04 17:45 955888 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-04 17:45 . 2012-08-04 17:45 268784 ----a-w- c:\windows\system32\javaws.exe
2012-08-04 17:45 . 2012-08-04 17:45 189424 ----a-w- c:\windows\system32\javaw.exe
2012-08-04 17:45 . 2012-08-04 17:45 188912 ----a-w- c:\windows\system32\java.exe
2012-08-04 17:45 . 2012-08-04 17:45 -------- d-----w- c:\program files\Java
2012-08-04 13:51 . 2012-08-04 13:51 -------- d-----w- c:\programdata\Creative Labs
2012-08-04 07:17 . 2012-08-04 07:17 -------- d-----w- c:\users\Simoryn\AppData\Roaming\InstallShield Installation Information
2012-08-03 12:01 . 2012-08-03 13:01 9827016 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-08-01 12:33 . 2012-08-01 12:33 -------- d-----w- c:\users\Simoryn\AppData\Local\FLT
2012-07-31 10:56 . 2012-08-10 09:41 -------- d-----w- c:\users\Simoryn\AppData\Roaming\.minecraft
2012-07-25 17:13 . 2012-07-25 17:13 -------- d-----w- c:\program files (x86)\ASUS
2012-07-25 17:13 . 2007-12-17 15:14 14392 ----a-w- c:\windows\SysWow64\drivers\AsIO.sys
2012-07-25 17:13 . 2006-01-10 14:50 24576 ----a-w- c:\windows\SysWow64\AsIO.dll
2012-07-22 21:27 . 2010-02-02 08:57 2902498 ------w- c:\windows\SysWow64\Sens_oal.dll
2012-07-22 21:27 . 2010-02-02 08:59 1940992 ------w- c:\windows\system32\Sens_oal.dll
2012-07-22 21:27 . 2012-07-22 21:27 -------- d-----w- c:\program files (x86)\Common Files\Creative Labs Shared
2012-07-22 14:09 . 2012-07-22 14:09 -------- d-----w- c:\users\Simoryn\AppData\Local\Skyrim NPC Editor
2012-07-16 12:15 . 2012-07-16 12:15 -------- d-----w- c:\users\Simoryn\AppData\Roaming\AtomZombieData
2012-07-15 10:01 . 2012-07-15 10:01 -------- d-----w- c:\programdata\ATI
2012-07-15 10:01 . 2012-07-15 10:01 -------- d-----w- c:\program files (x86)\AMD APP
2012-07-14 18:59 . 2012-07-14 18:59 -------- d-----w- c:\users\Simoryn\AppData\Roaming\Mirillis
2012-07-14 18:59 . 2012-07-14 18:59 -------- d-----w- c:\programdata\Mirillis
2012-07-14 18:59 . 2012-08-06 01:04 -------- d-----w- c:\users\Simoryn\AppData\Local\Mirillis
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-11 11:33 . 2009-11-29 18:52 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-08-11 11:33 . 2009-11-27 14:54 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-08-11 11:32 . 2009-11-27 14:54 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-08-10 18:16 . 2009-11-20 19:22 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-08-10 18:16 . 2009-11-20 19:22 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-08-10 01:20 . 2012-08-10 01:20 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49D5B994-20C3-4480-A7AE-B3AAFE1C6CE8}\offreg.dll
2012-08-08 09:44 . 2009-11-27 14:53 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-08-04 17:45 . 2011-12-23 15:49 839152 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-03 13:01 . 2012-04-11 17:52 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-03 13:01 . 2011-06-03 18:06 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-22 21:39 . 2010-11-17 17:48 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-07-22 21:39 . 2010-11-17 17:43 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2012-07-22 21:39 . 2010-02-07 11:21 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2012-07-22 21:39 . 2009-11-14 08:09 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-07-03 01:19 . 2009-11-15 11:17 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-29 10:04 . 2012-08-07 21:16 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49D5B994-20C3-4480-A7AE-B3AAFE1C6CE8}\mpengine.dll
2012-06-21 08:37 . 2012-06-21 08:37 3166792 ------w- c:\windows\SysWow64\pbsvc.exe
2012-06-11 18:59 . 2012-06-11 18:59 10248192 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:35 . 2012-06-11 18:35 70144 ----a-w- c:\windows\system32\coinst_8.98.dll
2012-06-11 18:29 . 2012-06-11 18:29 24826368 ----a-w- c:\windows\system32\atio6axx.dll
2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-11 17:24 . 2011-10-22 09:51 924160 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-06-11 17:23 . 2011-05-14 13:07 1090560 ----a-w- c:\windows\system32\aticfx64.dll
2012-06-11 17:20 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19 . 2012-06-11 17:19 532992 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-11 17:19 . 2012-06-11 17:19 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-11 17:17 . 2012-06-11 17:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-06-11 17:17 . 2012-06-11 17:17 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-11 17:17 . 2012-06-11 17:17 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-06-11 17:16 . 2012-06-11 17:16 6301696 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-06-11 17:01 . 2009-07-13 21:59 6914560 ----a-w- c:\windows\system32\atidxx64.dll
2012-06-11 16:51 . 2012-06-11 16:51 4246528 ----a-w- c:\windows\system32\atiumd6a.dll
2012-06-11 16:45 . 2012-06-11 16:45 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-06-11 16:45 . 2011-10-22 09:51 5480448 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-06-11 16:45 . 2012-06-11 16:45 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-06-11 16:45 . 2012-06-11 16:45 15703040 ----a-w- c:\windows\system32\aticaldd64.dll
2012-06-11 16:43 . 2011-10-22 09:51 4729344 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-06-11 16:36 . 2012-06-11 16:36 6605824 ----a-w- c:\windows\system32\atiumd64.dll
2012-06-11 16:27 . 2011-10-22 09:51 539136 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-06-11 16:26 . 2012-06-11 16:26 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 367616 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25 . 2011-10-22 09:51 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2012-06-11 16:25 . 2012-06-11 16:25 42496 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-06-11 16:25 . 2012-06-11 16:25 45056 ----a-w- c:\windows\system32\atiu9p64.dll
2012-06-11 16:24 . 2011-10-22 09:51 32768 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-06-11 11:50 . 2012-06-11 11:50 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 11:50 . 2012-06-11 11:50 75264 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-06-11 11:50 . 2012-06-11 11:50 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-06-11 11:50 . 2012-06-11 11:50 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-06-11 11:50 . 2012-06-11 11:50 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-06-11 11:50 . 2012-06-11 11:50 16457728 ----a-w- c:\windows\system32\amdocl64.dll
2012-06-11 11:49 . 2012-06-11 11:49 13008896 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-06-02 05:45 . 2012-08-07 21:39 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:40 . 2012-08-07 21:39 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-05-31 10:25 . 2009-11-14 08:32 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-29 07:38 . 2011-11-29 15:38 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-05-23 19:13 . 2012-05-23 19:13 2829 ----a-w- c:\windows\DIIUnin.pif
2012-05-23 19:13 . 2012-05-23 19:13 94208 ----a-w- c:\windows\DIIUnin.exe
2012-05-15 03:03 . 2012-08-07 21:39 981504 ----a-w- c:\windows\SysWow64\wininet.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\Simoryn\AppData\Local\SvchostViewer ----
.
2012-08-10 11:40 . 2012-08-10 11:40 1304 ----a-w- c:\users\Simoryn\AppData\Local\SvchostViewer\Svchost_Viewer.exe_Url_anqxrabyfarmee2i4e0vxs23tgc2tkym\0.5.0.1\user.config
2012-08-08 09:06 . 2012-08-08 09:06 1304 ----a-w- c:\users\Simoryn\AppData\Local\SvchostViewer\Svchost_Viewer.exe_Url_t5gqhu5flohkntsxd3xydgirmyymnemp\0.5.0.1\user.config
2012-08-08 08:46 . 2012-08-08 08:46 1304 ----a-w- c:\users\Simoryn\AppData\Local\SvchostViewer\Svchost_Viewer.exe_Url_nssgfzmaer2o0y3rrw2n2yr4yowmio2j\0.5.0.1\user.config
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-10_15.08.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-09-19 13:03 . 2011-09-19 13:03 45056 c:\windows\SysWOW64\rtvcvfw32.dll
- 2009-07-14 04:54 . 2012-08-10 15:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-11 12:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-08-10 15:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-11 12:17 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-10 15:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-11 12:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-14 08:16 . 2012-08-11 10:57 94966 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-11 12:18 44110 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-11-14 07:40 . 2012-08-11 12:18 41510 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2564665505-837348782-2844028651-1000_UserData.bin
+ 2009-11-13 16:45 . 2012-08-11 12:16 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-13 16:45 . 2012-08-10 15:08 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-13 16:45 . 2012-08-11 12:16 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-13 16:45 . 2012-08-10 15:08 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-11 12:16 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-10 15:08 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-14 08:07 . 2012-08-10 15:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-14 08:07 . 2012-08-11 12:17 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-14 08:07 . 2012-08-10 15:10 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-14 08:07 . 2012-08-11 12:17 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-14 08:07 . 2012-08-11 12:17 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-14 08:07 . 2012-08-10 15:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-14 10:11 . 2012-08-10 15:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-14 10:11 . 2012-08-11 12:17 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-14 10:11 . 2012-08-10 15:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-14 10:11 . 2012-08-11 12:17 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-14 21:27 . 2012-08-08 00:42 3208 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2009-11-14 21:27 . 2012-08-10 21:40 3208 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-08-11 12:15 . 2012-08-11 12:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-10 15:07 . 2012-08-10 15:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-10 15:07 . 2012-08-10 15:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-08-11 12:15 . 2012-08-11 12:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-08-10 15:06 452824 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-08-11 12:14 452824 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-14 23:02 . 2012-08-11 12:14 2786032 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2012-07-14 23:02 . 2012-08-10 15:06 2786032 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-11-14 22:49 . 2012-08-11 12:14 5033808 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2564665505-837348782-2844028651-1000-12288.dat
- 2010-11-14 22:49 . 2012-08-10 15:06 5033808 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2564665505-837348782-2844028651-1000-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPDLR"="d:\program files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-10-16 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-01-31 232104]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-09-13 4958320]
"KiesTrayAgent"="d:\program files (x86)\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
.
c:\users\Simoryn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
StartupCPU.lnk - c:\users\Simoryn\AppData\Roaming\FAH\CPU\StartupCPU.exe [2011-5-17 35944]
StartupGPU.lnk - c:\users\Simoryn\AppData\Roaming\FAH\GPU\StartupGPU.exe [2011-5-17 35944]
VersionCheck.lnk - c:\users\Simoryn\AppData\Roaming\FAH\VersionCheck.exe [2011-5-1 45010]
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 245120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate1ca67028f3a3192;Služba Google Update (gupdate1ca67028f3a3192);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-16 133104]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-04-05 8704]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-07-22 79360]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-02-24 99384]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-13 21712]
R3 dump_wmimmc;dump_wmimmc;d:\program files (x86)\Aeria games\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-07-02 1432400]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Classic\safedrv.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 203320]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;d:\program files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-14 1255736]
R3 wolf;wolf;d:\aeriagames\Wolfteam\Wolfteam\wolf64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-24 279616]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-06-11 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 iprip;Naslouchání RIP;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-01-15 14112]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-10 11576]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-09-07 27760]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
S3 RTCore64;RTCore64;d:\program files (x86)\MSI Afterburner\RTCore64.sys [2012-07-24 10568]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-04-11 708200]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-09-07 2173552]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Simoryn\AppData\Local\Temp\tmpE1C6.tmp [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WINRING0_1_2_0
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-11 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
"combofix"="c:\combofix\CF6214.3XE" [2010-11-20 345088]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
IE: Add to AMV Converter... - d:\program files (x86)\MP3 Player Utilities 4.15\AMVConverter\grab.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Microsoft Office\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - d:\program files (x86)\MP3 Player Utilities 4.15\MediaManager\grab.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\Microsoft Office\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Simoryn\AppData\Roaming\Mozilla\Firefox\Profiles\cgd2lkb5.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Akamai - c:\program files (x86)\Common Files\Akamai\uninstall.exe
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
AddRemove-{Clear Sky Complete v1.1.3}}_is1 - c:\users\Public\Documents\STALKER-STCS\Clear Sky Complete\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinRing0_1_2_0]
"ImagePath"="\??\c:\users\Simoryn\AppData\Local\Temp\tmpE1C6.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
d:\program files (x86)\MSI Afterburner\MSIAfterburner.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
.
**************************************************************************
.
Celkový čas: 2012-08-11 14:22:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-11 12:22
ComboFix2.txt 2012-08-10 15:14
.
Před spuštěním: Volných bajtů: 34 520 973 312
Po spuštění: Volných bajtů: 33 974 480 896
.
- - End Of File - - 184C3546D2FC45BCF91B0242B3E9298E

#15 Příspěvek od **vyosek** » 11 srp 2012 14:21

Jak se chova PC

VIRY.CZ

svchost žere 100% cpu prosím o kontrolu logu

svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu

Re: svchost žere 100% cpu prosím o kontrolu logu