Komtrola

Zpráva

tommmmm · #1 Příspěvek od **tommmmm** » 11 lis 2012 22:15

Ahoj potrebuji zkontrolovat pocitac, myslim ze internet je pomalejsi a MaM mi nasel PUP.Haktool.Patcher.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Toumes at 2012-11-11 22:09:31
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 187 GB (61%) free of 305 GB
Total RAM: 8190 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:09:34, on 11.11.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ICQ7.4\ICQ.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Toumes.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14038 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-75f014c7-ad0b-4ab5-a885-79bb721634a4 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a4fbc164-2ad6-4509-8988-d53f1fce7a2a -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6791ab64-8011-42a6-a7a4-b2b38ae1daaa -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bd1b053e-1edb-4a5b-8d33-bbc7d5205515
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
C:\Windows\Explorer.EXE
taskeng.exe {8A0D36B1-E5A8-4D30-95CD-889DD9F2E041}
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
taskeng.exe {DD439D55-7CC9-4A4A-ACE7-D78E3C2295C8}
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\ehome\ehtray.exe"
"C:\Program Files (x86)\ICQ7.4\ICQ.exe" silent loginmode=4
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
C:\Windows\ehome\ehmsas.exe -Embedding
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Winamp\winampa.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\conime.exe
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3648.19619100.1158291403 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" - -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3648 "\\.\pipe\gecko-crash-server-pipe.3648" plugin
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1200.98ff300.312622146 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll" - -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 1200 "\\.\pipe\gecko-crash-server-pipe.1200" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe" --proxy-stub-channel=Flash5088.70783AA0.41 --host-broker-channel=Flash5088.70783AA0.18467 --host-pid=5088 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe" --channel=4368.002FF4D0.785249732 --proxy-stub-channel=Flash5088.70783AA0.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll" --host-npapi-version=27 --type=renderer
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.076422C0.156862656 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07A9C6E0.1406073187 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07A9C420.1895364193 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07A9C160.80360429 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.0772B6E0.1544358888 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07642840.1937209281 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07642000.392871922 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.04967C60.1581808533 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.04967840.577210073 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.04967580.1284967114 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Toumes\AppData\Local\Google\Chrome\APPLIC~1\140835~1.163\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Toumes\AppData\Local\Google\Chrome\Application\14.0.835.163\gcswf32.dll" --lang=cs --channel=3728.074C18C0.1571401907 --flash-broker=5792 /prefetch:4
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.049672C0.1650001333 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.04967000.1938228723 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.0483D000.1490618518 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.076FFDC0.797851278 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.076FF9A0.745459925 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.076FF420.915459812 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.076FF160.1334848760 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.08E12DC0.2128140946 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.08E12B00.82957017 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.08E12840.1311541039 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.08E12580.1168272477 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.08E122C0.1074765672 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.08E12000.165619801 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.09378C60.389535549 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.093789A0.410394430 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.093786E0.1741516956 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.093782C0.634709240 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07CAE6E0.2090225500 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07CAE160.485087789 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07D96DC0.294083486 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07D96B00.2110150296 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07D96840.947671959 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07D96580.1550824577 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07D962C0.167884020 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07D96000.595101732 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07E49C60.1340096605 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07E499A0.772093721 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07E496E0.1089015167 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07E49420.525105589 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07E49160.924496117 /prefetch:3
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.07E99DC0.1556490413 /prefetch:3
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=3728.0E27A840.1428761799 /prefetch:3
"Taskmgr.exe"
taskeng.exe {E2A530F5-BB21-4D4B-AB15-10C1D57A29A9}
"C:\Users\Toumes\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-04-11 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-04-11 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-02-25 10081312]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-18 2114376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"ICQ"=C:\Program Files (x86)\ICQ7.4\ICQ.exe [2011-03-16 119608]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2004-12-20 33792]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-11 22:04:59 ----D---- C:\rsit
2012-11-11 22:04:59 ----D---- C:\Program Files\trend micro
2012-10-28 19:32:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-22 19:54:41 ----A---- C:\Windows\SYSWOW64\SER9PL.sys
2012-10-18 21:18:37 ----A---- C:\Windows\system32\drivers\prodigy.sys
2012-10-18 21:18:30 ----D---- C:\Program Files (x86)\NSS

======List of files/folders modified in the last 1 month======

2012-11-11 22:09:32 ----D---- C:\Windows\Temp
2012-11-11 22:04:59 ----RD---- C:\Program Files
2012-11-11 21:03:44 ----SHD---- C:\System Volume Information
2012-11-11 20:13:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-11-11 20:13:27 ----D---- C:\Windows\Prefetch
2012-11-11 20:12:42 ----D---- C:\ProgramData\Adobe
2012-11-11 20:01:01 ----D---- C:\Windows\System32
2012-11-11 20:01:01 ----D---- C:\Windows\inf
2012-11-11 20:01:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-11 19:55:08 ----D---- C:\ProgramData\NVIDIA
2012-11-11 19:52:40 ----D---- C:\Users\Toumes\AppData\Roaming\ICQ
2012-11-11 19:30:44 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-11 19:30:41 ----D---- C:\Windows\system32\drivers
2012-11-07 18:00:46 ----D---- C:\Windows\system32\Msdtc
2012-11-07 18:00:41 ----D---- C:\Windows\system32\wbem
2012-11-07 18:00:41 ----D---- C:\Windows
2012-11-07 17:59:56 ----D---- C:\Windows\system32\config
2012-11-07 17:59:44 ----D---- C:\Windows\Tasks
2012-11-07 17:59:44 ----D---- C:\Windows\system32\spool
2012-11-07 17:59:44 ----D---- C:\Windows\system32\catroot2
2012-11-07 17:59:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-07 17:11:40 ----D---- C:\ProgramData\CanonIJPLM
2012-11-06 16:45:24 ----D---- C:\Program Files (x86)\Opera
2012-10-28 20:58:13 ----RD---- C:\Program Files (x86)
2012-10-22 20:16:54 ----D---- C:\ProgramData\Nokia
2012-10-22 20:00:17 ----SHD---- C:\Windows\Installer
2012-10-22 19:56:09 ----D---- C:\Windows\SysWOW64
2012-10-22 19:56:03 ----D---- C:\Program Files (x86)\Nokia
2012-10-22 17:10:11 ----D---- C:\Windows\system32\catroot
2012-10-19 20:02:11 ----RSD---- C:\Windows\Fonts
2012-10-19 18:37:52 ----D---- C:\Windows\winsxs
2012-10-19 18:35:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-04-14 513080]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2012-08-21 44272]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 969200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 359464]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 59728]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-14 254528]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-11-11 25640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-02-25 2276128]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-09-29 25928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-11-12 155752]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-12-30 12960744]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2010-02-09 302112]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S3 ayd7dxn3;ayd7dxn3; C:\Windows\system32\drivers\ayd7dxn3.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-12-27 1005160]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-27 378472]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-11 250808]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-28 115168]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 12 lis 2012 09:35

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Search
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

tommmmm · #3 Příspěvek od **tommmmm** » 12 lis 2012 16:21

# AdwCleaner v2.007 - Logfile created 11/12/2012 at 16:19:54
# Updated 06/11/2012 by Xplode
# Operating system : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# User : Toumes - TOMAS-PC
# Boot Mode : Normal
# Running from : C:\Users\Toumes\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

Found : ICQ Service

***** [Files / Folders] *****

File Found : C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\searchplugins\daemon-search.xml
File Found : C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\searchplugins\icqplugin.xml
Folder Found : C:\Program Files (x86)\ICQ6Toolbar
Folder Found : C:\ProgramData\ICQ\ICQToolbar

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Found : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Found : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKU\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v16.0.2 (cs)

Profile name : default
File : C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Tomas.Tomas-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\j70dnbs1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v14.0.835.163

File : C:\Users\Toumes\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.2.1578.0

File : C:\Users\Toumes\AppData\Roaming\Opera\Opera\operaprefs.ini

Found : HostName Web Lookup Address=hxxp://search.icq.com/search/afe_results.php?q=%s&ch_id=osd&icid=opera

File : C:\Users\Tomas.Tomas-PC.000\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3737 octets] - [12/11/2012 16:19:54]

########## EOF - C:\AdwCleaner[R1].txt - [3797 octets] ##########

#4 Příspěvek od **vyosek** » 12 lis 2012 16:42

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Delete
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

tommmmm · #5 Příspěvek od **tommmmm** » 12 lis 2012 17:06

# AdwCleaner v2.007 - Logfile created 11/12/2012 at 16:56:23
# Updated 06/11/2012 by Xplode
# Operating system : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# User : Toumes - TOMAS-PC
# Boot Mode : Normal
# Running from : C:\Users\Toumes\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

Stopped & Deleted : ICQ Service

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\ICQ6Toolbar
Deleted on reboot : C:\ProgramData\ICQ\ICQToolbar
File Deleted : C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\searchplugins\icqplugin.xml

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.2 (cs)

Profile name : default
File : C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Tomas.Tomas-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\j70dnbs1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v14.0.835.163

File : C:\Users\Toumes\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.2.1578.0

File : C:\Users\Toumes\AppData\Roaming\Opera\Opera\operaprefs.ini

Deleted : HostName Web Lookup Address=hxxp://search.icq.com/search/afe_results.php?q=%s&ch_id=osd&icid=opera

File : C:\Users\Tomas.Tomas-PC.000\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3858 octets] - [12/11/2012 16:19:54]
AdwCleaner[S1].txt - [3400 octets] - [12/11/2012 16:56:23]

########## EOF - C:\AdwCleaner[S1].txt - [3460 octets] ##########

#6 Příspěvek od **vyosek** » 12 lis 2012 17:07

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

tommmmm · #7 Příspěvek od **tommmmm** » 12 lis 2012 17:39

OTL logfile created on: 12.11.2012 17:12:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Toumes\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,25 Gb Available Physical Memory | 65,63% Memory free
16,05 Gb Paging File | 13,24 Gb Available in Paging File | 82,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 183,38 Gb Free Space | 61,52% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 458,88 Gb Free Space | 76,97% Space Free | Partition Type: NTFS

Computer Name: TOMAS-PC | User Name: Toumes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.11.12 17:10:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Toumes\Desktop\OTL.exe
PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.21 10:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.03.16 20:39:29 | 000,119,608 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.4\ICQ.exe
PRC - [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.12.27 09:46:38 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009.10.15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.10.15 14:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2008.01.22 18:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.06.27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.06.27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2004.12.20 19:41:22 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe

========== Modules (No Company Name) ==========

MOD - [2011.09.14 10:41:53 | 000,412,728 | ---- | M] () -- C:\Users\Toumes\AppData\Local\Google\Chrome\Application\14.0.835.163\ppgooglenaclpluginchrome.dll
MOD - [2011.09.14 10:41:51 | 003,696,184 | ---- | M] () -- C:\Users\Toumes\AppData\Local\Google\Chrome\Application\14.0.835.163\pdf.dll
MOD - [2011.09.14 10:40:26 | 000,142,568 | ---- | M] () -- C:\Users\Toumes\AppData\Local\Google\Chrome\Application\14.0.835.163\avutil-51.dll
MOD - [2011.09.14 10:40:24 | 000,253,320 | ---- | M] () -- C:\Users\Toumes\AppData\Local\Google\Chrome\Application\14.0.835.163\avformat-53.dll
MOD - [2011.09.14 10:40:23 | 002,403,240 | ---- | M] () -- C:\Users\Toumes\AppData\Local\Google\Chrome\Application\14.0.835.163\avcodec-53.dll
MOD - [2011.09.14 08:17:25 | 006,338,720 | ---- | M] () -- C:\Users\Toumes\AppData\Local\Google\Chrome\Application\14.0.835.163\gcswf32.dll
MOD - [2009.06.27 10:11:12 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2004.12.20 19:41:22 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe

========== Services (SafeList) ==========

SRV:64bit: - [2012.08.21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2008.01.21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.11.11 20:13:28 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.28 19:32:27 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.12.27 09:46:38 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe -- (ES lite Service)
SRV - [2009.03.30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.22 18:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.21 10:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.08.21 10:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.08.21 10:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.08.21 10:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.08.21 10:13:12 | 000,044,272 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2012.08.21 10:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.02.29 14:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 16:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012.01.09 16:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 16:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012.01.09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 16:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.04.14 20:23:09 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.04.14 20:09:46 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010.11.12 00:10:49 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.04.27 11:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.02.09 04:53:34 | 000,302,112 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009.10.01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.04.11 06:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser.sys -- (usbser)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2012.11.12 16:58:29 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes\{24AA6B4F-3602-4648-A04F-242008706730}: "URL" = http://www.google.com/cse?cx=partner-pu ... 4067623346
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes\{588570AF-4CCD-4918-B0DE-D574AA4F1D81}: "URL" = http://search.yahoo.com/search?p={searc ... type=STDVM
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes\{611370B5-0C25-44d9-AF93-75E9D5AB66C4}: "URL" = http://www.bing.com/search?q={searchTer ... R2&pc=SPLH
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "Centrum.cz Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1289
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Toumes\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared [2011.03.16 20:25:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.24 19:48:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.28 19:32:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.28 19:32:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011.11.19 23:49:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.28 19:32:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.28 19:32:23 | 000,000,000 | ---D | M]

[2011.03.16 20:25:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toumes\AppData\Roaming\Mozilla\Extensions
[2012.10.23 11:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\extensions
[2011.03.27 17:27:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.10.28 19:32:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.28 19:32:28 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.11 19:38:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.03.26 07:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2012.06.10 07:24:13 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.10 07:24:13 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.21 17:23:00 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2012.06.10 07:24:13 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.10 07:24:13 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.10 07:24:13 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Toumes\AppData\Local\Google\Chrome\Application\14.0.835.163\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Toumes\AppData\Local\Google\Chrome\Application\14.0.835.163\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Toumes\AppData\Local\Google\Chrome\Application\14.0.835.163\pdf.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\Toumes\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\

O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (CentrumczToolbar BHO) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Lišta Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\Toolbar\WebBrowser: (Lišta Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4146960782-3890957463-14812711-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-4146960782-3890957463-14812711-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-4146960782-3890957463-14812711-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4146960782-3890957463-14812711-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{904C2CFD-1ACB-48CF-935A-C901E93533EC}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\centrumcztoolbar - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c0691049-65ed-11e0-8729-1c6f65a067d5}\Shell - "" = AutoRun
O33 - MountPoints2\{c0691049-65ed-11e0-8729-1c6f65a067d5}\Shell\AutoRun\command - "" = K:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.11.12 17:10:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Toumes\Desktop\OTL.exe
[2012.11.11 22:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.11.11 22:04:59 | 000,000,000 | ---D | C] -- C:\rsit
[2012.11.08 21:14:35 | 000,000,000 | ---D | C] -- C:\Users\Toumes\Desktop\1_Detske-pisne-a-rikadla
[2012.11.07 17:43:02 | 000,000,000 | ---D | C] -- C:\Users\Toumes\Desktop\Písničky-pro-děti-(57-MP3)
[2012.11.07 17:27:33 | 000,000,000 | ---D | C] -- C:\Users\Toumes\Desktop\Dada-patrasová111

========== Files - Modified Within 7 Days ==========

[2012.11.12 17:15:53 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.11.12 17:10:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Toumes\Desktop\OTL.exe
[2012.11.12 17:05:13 | 001,418,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.12 17:05:13 | 000,607,226 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.11.12 17:05:13 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.12 17:05:13 | 000,117,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.11.12 17:05:13 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.12 16:58:29 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.11.12 16:57:49 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.12 16:57:48 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.12 16:57:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.12 16:53:15 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.12 16:18:39 | 000,541,569 | ---- | M] () -- C:\Users\Toumes\Desktop\adwcleaner.exe
[2012.11.11 22:41:02 | 000,006,656 | ---- | M] () -- C:\Users\Toumes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.11 22:40:58 | 002,005,562 | ---- | M] () -- C:\Users\Toumes\Desktop\hranolky.wmv
[2012.11.11 22:04:40 | 000,935,175 | ---- | M] () -- C:\Users\Toumes\Desktop\RSITx64.exe
[2012.11.11 20:13:28 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.11 20:13:28 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.11 19:30:44 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.08 21:10:54 | 496,456,469 | ---- | M] () -- C:\Users\Toumes\Desktop\1_Detske-pisne-a-rikadla.zip
[2012.11.07 18:04:24 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.11.07 18:04:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.11.07 17:42:52 | 128,191,260 | ---- | M] () -- C:\Users\Toumes\Desktop\Písničky-pro-děti-(57-MP3).rar
[2012.11.07 17:18:59 | 533,511,246 | ---- | M] () -- C:\Users\Toumes\Desktop\Dada-patrasová111.zip

========== Files Created - No Company Name ==========

[2012.11.12 17:15:53 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.11.12 16:18:41 | 000,541,569 | ---- | C] () -- C:\Users\Toumes\Desktop\adwcleaner.exe
[2012.11.11 22:40:55 | 002,005,562 | ---- | C] () -- C:\Users\Toumes\Desktop\hranolky.wmv
[2012.11.11 22:04:41 | 000,935,175 | ---- | C] () -- C:\Users\Toumes\Desktop\RSITx64.exe
[2012.11.11 19:30:44 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.08 20:41:41 | 496,456,469 | ---- | C] () -- C:\Users\Toumes\Desktop\1_Detske-pisne-a-rikadla.zip
[2012.11.07 17:35:43 | 128,191,260 | ---- | C] () -- C:\Users\Toumes\Desktop\Písničky-pro-děti-(57-MP3).rar
[2012.11.07 16:47:00 | 533,511,246 | ---- | C] () -- C:\Users\Toumes\Desktop\Dada-patrasová111.zip
[2011.11.18 16:12:44 | 000,000,079 | ---- | C] () -- C:\Users\Toumes\AppData\Roaming\vso_ts_preview.xml
[2011.06.16 21:10:37 | 001,445,276 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.28 17:47:19 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.05.28 17:47:19 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.05.28 17:47:14 | 000,631,808 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.05.28 17:47:14 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.05.28 17:47:14 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.05.28 17:41:13 | 000,006,656 | ---- | C] () -- C:\Users\Toumes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.11 16:00:28 | 000,380,075 | ---- | C] () -- C:\Users\Toumes\AppData\Roaming\mdbu.bin
[2011.04.10 18:16:14 | 000,000,192 | ---- | C] () -- C:\Windows\winamp.ini
[2011.03.17 21:42:42 | 000,749,262 | ---- | C] () -- C:\Users\Toumes\jap.conf
[2011.03.17 16:41:58 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2011.03.17 16:41:36 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2011.03.17 16:41:18 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2011.03.16 22:07:03 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2011.03.16 20:25:19 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.03.16 19:47:07 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.03.16 19:44:22 | 000,000,732 | ---- | C] () -- C:\Users\Toumes\AppData\Local\d3d9caps64.dat

========== ZeroAccess Check ==========

[2006.11.02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 08:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.02.10 15:30:05 | 000,000,000 | ---D | M] -- C:\Users\Tomas.Tomas-PC.000\AppData\Roaming\Opera
[2011.11.20 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\CD-LabelPrint
[2011.04.14 20:11:02 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\DAEMON Tools Lite
[2011.05.11 16:01:39 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Happy Foto
[2012.11.11 19:52:40 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\ICQ
[2011.03.16 20:37:45 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Opera
[2011.11.20 00:01:33 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\PC Suite
[2012.04.08 17:20:28 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Unity
[2012.02.19 19:20:14 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Vso
[2011.04.30 17:54:58 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2006.11.02 16:42:03 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 16:42:03 | 000,032,546 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.03.30 04:47:10 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2008.01.21 03:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SysWOW64\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 03:50:26 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2009.04.11 08:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\SysNative\autochk.exe
[2009.04.11 08:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_3ffe01d977405f71\autochk.exe
[2008.01.21 03:49:38 | 000,733,696 | ---- | M] (Microsoft Corporation) MD5=F74203F70337352EEABADAE16A05EAEA -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_3e1288cd7a1e9425\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 03:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2009.04.11 06:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.04.11 06:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008.10.29 07:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009.04.11 08:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009.04.11 08:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008.10.28 03:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008.10.29 07:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008.10.30 06:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008.01.21 03:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008.01.21 03:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 08:15:31 | 000,233,448 | ---- | M] (Microsoft Corporation) MD5=822EA80D8E91D1BD5F31954348842AAA -- C:\Windows\SysNative\hal.dll
[2009.04.11 08:15:31 | 000,233,448 | ---- | M] (Microsoft Corporation) MD5=822EA80D8E91D1BD5F31954348842AAA -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6002.18005_none_612624babd6ea012\hal.dll
[2008.01.21 03:46:51 | 000,233,528 | ---- | M] (Microsoft Corporation) MD5=D63C785A6EF1A3DE684781698A0CC9AF -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_5f3aabaec04cd4c6\hal.dll

< MD5 for: SCECLI.DLL >
[2008.01.21 03:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 03:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

< MD5 for: SERVICES.EXE >
[2008.01.21 03:50:34 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009.04.11 08:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\SysNative\services.exe
[2009.04.11 08:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SysWOW64\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2008.01.21 03:49:44 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=DFAC660F0F139276CC9299812DE42719 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 03:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008.01.21 03:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.01.21 03:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008.01.21 03:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.16 18:14:29 | 001,424,264 | ---- | M] (Microsoft Corporation) MD5=0011810B5211FDACD784DE585262ECFE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_119c298735134c99\tcpip.sys
[2010.04.06 09:35:06 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=150C1A66A7094F84560519261A309BC6 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_11681899353a0dd5\tcpip.sys
[2011.06.17 21:14:30 | 001,424,272 | ---- | M] (Microsoft Corporation) MD5=19A7321E3A5F1DDB215D2815DCC8F8E4 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_116decc535366aa6\tcpip.sys
[2011.09.20 22:06:18 | 001,426,304 | ---- | M] (Microsoft Corporation) MD5=2CC45D932BD193CD4117321D469AD6B2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_1121619c1be9f088\tcpip.sys
[2010.02.18 16:01:57 | 001,420,688 | ---- | M] (Microsoft Corporation) MD5=30C4ABC8075DEA44D7E775D434AF1753 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_0f2e179c1ecd900b\tcpip.sys
[2009.08.14 15:44:27 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=34B30202AECCB530FDDC6C6CCFA2FB46 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2010.02.18 13:25:21 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=396CF3FD8D2A4FDF55570C01894DB9DF -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_bba931004aa006ed\tcpip.sys
[2009.08.14 19:05:16 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=3BCD46BE9988B09D3510A0EF54F0D65B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2010.02.18 16:04:06 | 001,414,032 | ---- | M] (Microsoft Corporation) MD5=4680D08A2E8A2509CD9B751D7AF59606 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys
[2012.03.30 13:45:03 | 001,423,744 | ---- | M] (Microsoft Corporation) MD5=46D448E9117464E4D3BBF36D7E3FA48E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_112731fc1be6530b\tcpip.sys
[2010.02.18 15:22:15 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=4AD4600DF1F09EE7462152C061B683C8 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_118286a1352721f8\tcpip.sys
[2011.06.17 21:14:30 | 001,427,344 | ---- | M] (Microsoft Corporation) MD5=4DAD14118FBCF7C609F2A4CE21FBCC5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_10d0aed01c273845\tcpip.sys
[2011.09.20 22:06:18 | 001,423,744 | ---- | M] (Microsoft Corporation) MD5=73BED5067ED53A9DF05FA8EAB42578D0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_11ab004d35078d79\tcpip.sys
[2009.08.14 17:42:31 | 001,413,208 | ---- | M] (Microsoft Corporation) MD5=74B776CA1B328095FE23A3306B1613A3 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2008.01.21 03:51:16 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=7A1183FBB802F5ABAD7FA18BC67E0858 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[2010.02.18 13:27:40 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=7B0B928E318CADC23C87226BE0A1097D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_bc37d12363b92291\tcpip.sys
[2010.06.16 17:40:37 | 001,420,176 | ---- | M] (Microsoft Corporation) MD5=7D86275FB640011B372FD566C0EAFA8D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[2008.04.26 09:55:25 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=8E041924441FF8755E5B4F135C8C3767 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[2010.04.05 18:13:35 | 001,414,024 | ---- | M] (Microsoft Corporation) MD5=8E7CD6BA2F09B46CE72D308F166C0B12 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_0f8a7609380d6a12\tcpip.sys
[2010.06.16 18:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) MD5=973658A2EA9C06B2976884B9046DFC6C -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[2009.04.11 08:15:48 | 001,426,408 | ---- | M] (Microsoft Corporation) MD5=99D07AD0EF2C535610F6573C29BC045E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[2009.08.14 17:39:38 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2012.03.30 13:45:03 | 001,422,720 | ---- | M] (Microsoft Corporation) MD5=AC8D5728E6AD6A7C4819D9A67008337A -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:45:03 | 001,422,720 | ---- | M] (Microsoft Corporation) MD5=AC8D5728E6AD6A7C4819D9A67008337A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_119f31fd35108d3a\tcpip.sys
[2010.02.18 15:28:06 | 001,427,336 | ---- | M] (Microsoft Corporation) MD5=B4B7B375FDD672AF79B0CBE9B9A48B47 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_112c2bd61be1dd22\tcpip.sys
[2010.06.17 00:28:33 | 001,414,544 | ---- | M] (Microsoft Corporation) MD5=D43D5336BE9DD93E02EE124297295713 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[2009.08.14 17:32:21 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009.08.15 23:55:23 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2008.04.26 09:47:15 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=F10A60005FB50698E33A1940C6EBB010 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.21 03:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< >

< %systemroot%*.* /U /s >
[54 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[130 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\{83B334E7-5054-4EE0-BA50-85F2763579C2}\*.tmp files -> C:\Windows\Temp\{83B334E7-5054-4EE0-BA50-85F2763579C2}\*.tmp -> ]
[1 C:\Windows\Temp\{F1BA3C24-6B23-4542-A327-23E38E5E5C88}\*.tmp files -> C:\Windows\Temp\{F1BA3C24-6B23-4542-A327-23E38E5E5C88}\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.03.17 19:18:28 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Adobe
[2012.02.26 09:15:19 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Ahead
[2011.03.23 20:50:31 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Apple Computer
[2011.11.20 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\CD-LabelPrint
[2011.04.14 20:11:02 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\DAEMON Tools Lite
[2011.05.11 16:01:39 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Happy Foto
[2012.11.11 19:52:40 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\ICQ
[2011.03.16 19:44:43 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Identities
[2011.03.16 20:23:44 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Macromedia
[2011.03.16 20:56:23 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Malwarebytes
[2006.11.02 16:07:25 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Media Center Programs
[2011.05.28 17:25:18 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Media Player Classic
[2012.10.11 16:51:06 | 000,000,000 | --SD | M] -- C:\Users\Toumes\AppData\Roaming\Microsoft
[2011.03.16 20:25:36 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Mozilla
[2011.04.29 19:56:01 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\NVIDIA
[2011.03.16 20:37:45 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Opera
[2011.11.20 00:01:33 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\PC Suite
[2011.04.14 20:21:01 | 000,000,000 | RH-D | M] -- C:\Users\Toumes\AppData\Roaming\SecuROM
[2012.04.08 17:20:28 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Unity
[2012.02.19 19:20:14 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Vso
[2011.11.18 16:19:56 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\WinRAR
[2011.04.30 17:54:58 | 000,000,000 | ---D | M] -- C:\Users\Toumes\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2011.04.14 21:13:25 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Toumes\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.11.12 16:53:15 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.11.11 20:13:28 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2012.11.11 20:13:28 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:10:53 | 001,555,968 | ---- | M] (Microsoft Corporation)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.21 03:51:33 | 000,138,240 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files (x86)\ICQ7.4\ICQ.exe" silent loginmode=4 -- [2011.03.16 20:39:29 | 000,119,608 | ---- | M] (ICQ, LLC.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.06.27 19:03:40 | 000,152,872 | ---- | M] (Nero AG)
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.10.28 19:32:28 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=E60E9D5F229CB8DA347D48ADD6E8DC47 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.08.24 08:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.11.12 17:07:38 | 000,878,480 | ---- | M] (Opera Software) MD5=39572432B2568AAF584B4CBB3C576913 -- C:\Program Files (x86)\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.11.12 17:15:53 | 000,000,512 | ---- | M] () MD5=6020972644D90CCF3DB751F3DEDECA52 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2006.04.24 09:22:14 | 006,638,616 | R--- | M] () -- \Program Files (x86)\Atari\Test Drive Unlimited\Euro\Radio\Radio Bot\Fix the Cracks - Humanzi.mp3
[2012.07.15 08:44:56 | 000,003,939 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\01WWS02F\item_stringoffirecrackers_01[1].gif
[2012.07.01 07:35:59 | 000,010,702 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5R2W4EKS\item_crackofthebat_01[1].png
[2012.07.04 19:15:30 | 000,010,702 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5R2W4EKS\item_crackofthebat_01[2].png
[2012.06.28 19:27:26 | 000,003,939 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5R2W4EKS\item_stringoffirecrackers_01[1].gif
[2012.10.08 17:16:26 | 000,010,702 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FR5RLWH3\item_crackofthebat_01[1].png
[2012.07.01 07:58:28 | 000,003,939 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FWNKGD73\item_stringoffirecrackers_01[1].gif
[2012.04.13 21:51:33 | 000,003,939 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CHYX6UWU\item_stringoffirecrackers_01[1].gif
[2012.04.13 21:45:30 | 000,010,004 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KDYTI87F\item_skullcracker_01_lvl5[1].png
[2012.04.19 20:03:47 | 000,010,702 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MU3LDVXH\item_crackofthebat_01[1].png
[2012.10.31 19:28:50 | 000,003,939 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\R7BALHRU\item_stringoffirecrackers_01[1].gif
[2012.06.06 19:30:30 | 000,010,702 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SLFQOJ9X\item_crackofthebat_01[1].png
[2012.05.29 21:32:42 | 000,009,948 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SLFQOJ9X\item_skullcracker_01_lvl4[1].png
[2012.07.15 08:34:50 | 000,010,702 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UDEZKG6R\item_crackofthebat_01[1].png
[2012.06.12 19:48:49 | 000,010,004 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W0NIGQRP\item_skullcracker_01_lvl5[1].png
[2012.04.19 08:56:29 | 000,009,948 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X9QGVR2I\item_skullcracker_01_lvl3[1].png
[2012.05.13 16:00:10 | 113,065,668 | ---- | M] () -- \Users\Toumes\Desktop\Phoenix-Service-Software-2012.16.004.48159-Cr_cked\Phoenix Service Software 2012.16.004.48159 Cracked.exe

< *keygen* /s >
[2009.08.16 15:06:58 | 000,035,840 | ---- | M] () -- \Users\Toumes\Desktop\CallRecorder_1_04\keygen.exe
[2012.02.10 16:25:05 | 008,774,656 | ---- | M] () -- \Users\Toumes\Desktop\Nová složka (3)\Call-of-Duty-6-Modern-Warfare-2-keygen.exe

tommmmm · #8 Příspěvek od **tommmmm** » 12 lis 2012 17:39

< *loader* /s >
[2010.03.26 07:33:30 | 000,003,754 | ---- | M] () -- \Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\loader.js
[2007.06.27 19:03:00 | 000,177,448 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2003.11.01 14:57:46 | 000,052,021 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\Flash\loader_TIKUEDGE_INTEL_1.adl
[2003.11.01 14:57:46 | 000,052,021 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\Flash\loader_TIKUEDGE_SAMSUNG_1.adl
[2003.11.01 14:57:46 | 000,051,783 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\Flash\loader_TIKU_INTEL_2.adl
[2003.11.01 14:57:46 | 000,051,783 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\Flash\loader_TIKU_SAMSUNG_2.adl
[2011.09.01 12:13:30 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011.03.03 20:26:40 | 000,048,315 | ---- | M] () -- \Program Files (x86)\Full Tilt Poker\Graphics\Cashier\WebDialog\cashier_loader.mng
[2011.03.03 20:26:40 | 000,015,895 | ---- | M] () -- \Program Files (x86)\Full Tilt Poker\Graphics\Lobby\Backgrounds\LoaderChip.gif
[2012.09.20 14:50:44 | 000,001,538 | ---- | M] () -- \Program Files (x86)\HF Designer\Loader.elf
[2012.09.20 14:49:28 | 000,778,904 | ---- | M] () -- \Program Files (x86)\HF Designer\Loader.exe
[2011.03.16 20:39:28 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.03.16 20:39:29 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.03.16 20:39:28 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.03.25 19:42:48 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.04.11 15:50:07 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011.03.16 20:41:12 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011.03.16 20:41:12 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2008.09.22 20:25:14 | 000,163,840 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\PhysXLoader.dll
[2009.03.02 04:16:04 | 001,573,254 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\steerable\fendt\fendt614_frontloader.i3d
[2009.03.08 13:59:18 | 000,005,012 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\steerable\fendt\fendt614_frontloader.xml
[2009.03.16 12:23:04 | 000,174,904 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\steerable\fendt\frontloader_diffuse.dds
[2009.02.27 21:23:06 | 000,077,314 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\tools\frontloaderBalefork.i3d
[2009.02.25 19:27:10 | 000,000,661 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\tools\frontloaderBalefork.xml
[2009.03.16 12:24:42 | 000,043,832 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\tools\frontloaderBalefork_diffuse.dds
[2009.02.19 21:43:42 | 000,071,544 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\tools\frontloaderPalletfork.i3d
[2009.02.25 19:27:10 | 000,000,662 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\tools\frontloaderPalletfork.xml
[2009.03.16 12:24:44 | 000,087,528 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\tools\frontloaderPalletfork_diffuse.dds
[2009.02.19 21:43:42 | 000,066,726 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\tools\frontloaderShovel.i3d
[2009.02.25 19:27:10 | 000,000,646 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\tools\frontloaderShovel.xml
[2009.03.16 12:24:44 | 000,087,528 | ---- | M] () -- \Program Files (x86)\Landwirtschafts-Simulator 2009\data\vehicles\tools\frontloaderShovel_diffuse.dds
[2008.02.11 05:42:22 | 000,106,496 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\cmn_fileloaderfn.dll
[2006.03.08 12:37:06 | 000,010,832 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\FlashHip\dsp_sec_bootloader.bin
[2007.05.10 16:15:08 | 000,010,260 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\FlashHip\dsp_sec_bootloader_c55xx.bin
[2006.04.03 15:46:12 | 000,011,170 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\FlashHip\dsp_sec_bootloader_no_ext_sram.bin
[2004.06.01 09:49:00 | 000,011,436 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\tp\perl\lib\AutoLoader.pm
[2004.06.01 09:53:08 | 000,028,959 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\tp\perl\lib\DynaLoader.pm
[2004.06.01 09:53:08 | 000,008,852 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\tp\perl\lib\XSLoader.pm
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.08.22 22:20:58 | 000,003,784 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OVDGCSYF\bundleloader[1].js
[2012.08.22 22:21:02 | 000,000,723 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OVDGCSYF\downloaderror[1].js
[2012.11.11 20:12:44 | 000,000,723 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OVDGCSYF\downloaderror[2].js
[2012.08.22 22:21:02 | 000,001,174 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OVDGCSYF\downloader[1].js
[2012.11.11 20:12:44 | 000,001,174 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OVDGCSYF\downloader[2].js
[2012.11.11 20:12:42 | 000,003,784 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PV0VJ45T\bundleloader[1].js
[2012.07.15 08:45:08 | 000,003,900 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\01WWS02F\trackloader_b75x[1].gif
[2012.06.28 19:27:08 | 000,008,238 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2R6FR1K2\ajax-loader[1].gif
[2012.07.07 11:16:04 | 000,214,317 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2R6FR1K2\gameloader[1].swf
[2012.06.28 19:26:32 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2R6FR1K2\loader[1].js
[2012.07.01 07:32:32 | 000,013,728 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2R6FR1K2\mw_loader_final_v2[1].gif
[2012.07.04 14:05:36 | 000,008,238 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5R2W4EKS\ajax-loader[1].gif
[2012.07.01 07:32:36 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5R2W4EKS\loader[1].js
[2012.07.04 14:05:20 | 000,013,728 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5R2W4EKS\mw_loader_final_v2[1].gif
[2012.07.08 19:49:38 | 000,013,728 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5R2W4EKS\mw_loader_final_v2[2].gif
[2012.11.02 08:52:12 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\933RDQ2I\loader[1].js
[2012.08.02 18:10:02 | 000,002,545 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9ELO3AEJ\loader[1].gif
[2012.06.18 17:09:41 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FBUIFBNX\loader[1].js
[2012.06.26 14:58:05 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FBUIFBNX\loader[2].js
[2012.06.05 19:21:15 | 000,008,238 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FSAGMSTS\ajax-loader[1].gif
[2012.05.29 21:29:32 | 000,003,900 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FSAGMSTS\trackloader_b75x[1].gif
[2012.07.04 14:05:46 | 000,008,238 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FWNKGD73\ajax-loader[1].gif
[2012.06.28 19:26:29 | 000,013,728 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FWNKGD73\mw_loader_final_v2[1].gif
[2012.06.28 19:27:28 | 000,003,900 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FWNKGD73\trackloader_b75x[1].gif
[2012.07.07 11:16:13 | 000,056,885 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HFX6EX5J\avatarloader[1].swf
[2012.07.04 14:05:31 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HFX6EX5J\loader[1].js
[2012.10.30 20:40:02 | 000,008,238 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HJB0Y2ZV\ajax-loader[1].gif
[2012.11.02 06:15:19 | 000,025,664 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HJB0Y2ZV\PaymentsLoader.min[1].js
[2012.05.26 10:11:28 | 000,008,238 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\I7YPS0EN\ajax-loader[1].gif
[2012.06.26 15:07:03 | 000,008,238 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K7EM7XM7\ajax-loader[1].gif
[2012.03.22 22:05:55 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KDYTI87F\loader[1].js
[2012.05.20 11:52:18 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MU3LDVXH\loader[1].js
[2012.05.20 15:28:47 | 000,013,728 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PI05V0V9\mw_loader_final_v2[1].gif
[2012.10.30 20:39:54 | 000,008,238 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QDWFL3KG\ajax-loader[1].gif
[2012.10.05 17:22:39 | 000,013,728 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\R7BALHRU\mw_loader_final_v2[1].gif
[2012.10.31 19:29:00 | 000,003,900 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\R7BALHRU\trackloader_b75x[1].gif
[2012.06.05 21:02:28 | 000,014,590 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RUALO8RH\preloader[1].gif
[2012.07.14 20:02:53 | 000,008,238 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RY1C94O8\ajax-loader[1].gif
[2012.07.14 20:05:23 | 000,008,238 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RY1C94O8\ajax-loader[2].gif
[2012.07.18 15:30:35 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RY1C94O8\loader[1].js
[2012.08.02 13:41:13 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UDEZKG6R\loader[2].js
[2012.05.26 10:11:23 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VPQFOMZA\loader[1].js
[2012.05.26 10:31:28 | 000,003,900 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VPQFOMZA\trackloader_b75x[1].gif
[2012.05.29 21:24:42 | 000,001,737 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WBV7V5HM\loader[1].gif
[2012.06.05 21:02:55 | 000,003,783 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WBV7V5HM\loader[1].js
[2012.04.12 19:32:42 | 000,008,238 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XSZ0HWEJ\ajax-loader[1].gif
[2012.04.19 09:05:40 | 000,003,712 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XSZ0HWEJ\loader[1].js
[2012.04.13 21:55:55 | 000,003,900 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XSZ0HWEJ\trackloader_b75x[1].gif
[2012.05.20 12:37:24 | 000,023,365 | ---- | M] () -- \Users\Toumes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZUXA9IXV\BGA_adLoader[1].swf
[2012.02.11 14:55:41 | 000,000,060 | ---- | M] () -- \Users\Toumes\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTREBFVW\superhry.cz\HSO_40e1f8z\bushroaylits.swf\MiniclipLoaderAd.sol
[2011.04.18 15:37:29 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2010.12.23 00:44:56 | 000,131,072 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7AAD05CE36D4E7A4D888AFF3F90DE9E4\2011.2.0\ta_productapiloader..E185388E_0760_4748_92CB_CE9A9A19D7B4
[2008.01.21 03:47:50 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008.01.21 03:47:50 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2008.01.21 10:29:25 | 000,005,276 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_8f610a2db566eb4b.manifest
[2008.01.21 10:29:25 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_8f610a2db566eb4b_winload.efi.mui_35ee487d
[2008.01.21 10:29:25 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_8f610a2db566eb4b_winload.exe.mui_3bc5b827
[2008.01.21 10:29:25 | 000,019,456 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_8f610a2db566eb4b_winresume.efi.mui_f412814e
[2008.01.21 10:29:25 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_8f610a2db566eb4b_winresume.exe.mui_ff8b5358
[2011.05.07 12:14:35 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb.manifest
[2011.05.07 12:14:36 | 001,076,608 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb_winload.efi_75834aa0
[2011.05.07 12:14:36 | 001,063,296 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb_winload.exe_75835076
[2011.05.07 12:14:36 | 000,991,104 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb_winresume.efi_85cd069f
[2011.05.07 12:14:37 | 000,979,840 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb_winresume.exe_85cd1215
[2011.05.07 12:14:28 | 000,004,168 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6002.18005_none_c93d3cc9069b2134.manifest
[2011.05.07 12:14:28 | 000,019,432 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6002.18005_none_c93d3cc9069b2134_spldr.sys_98bd87a0
[2008.02.29 08:26:46 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_27bb02f6b077b2c1.manifest
[2008.02.29 08:30:04 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_d0abd8ef9f55be86.manifest
[2008.02.29 16:31:17 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_d07735d39f7cb02b.manifest
[2008.02.29 14:16:12 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_732eabd2924ec68d.manifest
[2008.02.29 16:33:37 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_5d56a2196980ac0b.manifest
[2008.02.29 08:52:10 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_ff7c21265c9bbde6.manifest
[2008.02.29 14:07:00 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_89b7ca4e285dba8d.manifest
[2008.02.29 08:27:56 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_28155ee9c9b95cf3.manifest
[2008.02.29 08:20:31 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_d10634e2b89768b8.manifest
[2008.02.29 12:20:42 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_d0d191c6b8be5a5d.manifest
[2008.02.29 12:49:38 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_738907c5ab9070bf.manifest
[2008.02.29 12:20:29 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_5db0fe0c82c2563d.manifest
[2008.02.29 08:58:04 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_ffd67d1975dd6818.manifest
[2008.02.29 12:34:34 | 000,004,353 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_8a122641419f64bf.manifest
[2008.01.21 10:11:33 | 000,005,276 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_8f610a2db566eb4b.manifest
[2008.02.29 08:29:24 | 000,005,771 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_b539d91c27f8c85b.manifest
[2008.02.29 08:16:24 | 000,005,771 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_b594350f413a728d.manifest
[2008.01.21 03:42:42 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_b74555b62504517e.manifest
[2008.02.29 09:15:37 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_b736b7e4250e3ac1.manifest
[2011.02.28 09:28:48 | 000,007,115 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18606_none_b74b62d624fed872.manifest
[2008.02.29 08:55:51 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_b7be541b3e2da7dd.manifest
[2011.02.28 09:28:48 | 000,007,115 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22861_none_b78f208d3e519e56.manifest
[2009.04.11 00:40:12 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_b930cec222261cca.manifest
[2011.02.24 17:59:25 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18411_none_b92205462231c7fb.manifest
[2011.02.24 17:45:29 | 000,006,704 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.22596_none_b95a24233b8bc600.manifest
[2006.11.02 13:21:14 | 000,004,253 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_c51b01c10c8e4514.manifest
[2008.01.21 03:37:29 | 000,004,176 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_c751c3bd097955e8.manifest
[2009.04.11 00:43:16 | 000,004,168 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6002.18005_none_c93d3cc9069b2134.manifest
[2008.01.21 03:47:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.21 03:47:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

< End of report >

tommmmm · #9 Příspěvek od **tommmmm** » 12 lis 2012 17:40

OTL Extras logfile created on: 12.11.2012 17:12:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Toumes\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,25 Gb Available Physical Memory | 65,63% Memory free
16,05 Gb Paging File | 13,24 Gb Available in Paging File | 82,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 183,38 Gb Free Space | 61,52% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 458,88 Gb Free Space | 76,97% Space Free | Partition Type: NTFS

Computer Name: TOMAS-PC | User Name: Toumes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = EA 3F E5 F5 A3 0D CC 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{356012EC-2A50-45A3-B3DD-C51F36F77EB9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2BE39F62-5133-414B-8F7A-375DE917F8DB}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{3CBF2864-0023-48D6-97AF-F2100B5F820D}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{49391CB3-7A6D-4EC0-98B7-4995D9E2DBC0}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{668C4758-AB4D-4B07-AE08-2952E8845AD4}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{683DE301-EA02-4CD6-BB2D-16DFCF6CFB54}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{7EFB8FE7-47E8-4E24-A46B-8B4E1DF957E8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{83AF1EF8-11F7-4357-9355-6309281886B1}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{85257657-AEBE-42CE-9945-48C4292EC6E9}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{8F84AA1B-B40D-4BE0-B07A-5491D44E3A32}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A62FE259-E564-4D0F-800C-32B018071064}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{C9A4FF2E-85B1-4462-80CC-E0D9465B6C3E}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{CC4145F5-728C-4BC1-8948-FDD9AA48D6AB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{E18D7840-9B83-49A0-A224-CBDD301576D7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F113C359-8438-409A-8134-7F8929E77493}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"TCP Query User{0B217331-ADD2-439B-946F-42C89762121F}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuseservice.exe |
"TCP Query User{443588B1-FB1E-4C4F-8B7B-3B67DD45D5F1}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe |
"TCP Query User{4F0845EF-595F-40DD-A2E1-96BB0FA9916B}C:\program files (x86)\common files\nokia\fuse\fuse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuse.exe |
"TCP Query User{85592FC0-4AE6-46CF-A59E-8EE359D2C0DE}C:\program files (x86)\nokia\phoenix\phoenix.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\phoenix\phoenix.exe |
"UDP Query User{28F40C7E-DA2D-4764-9722-602FB35E8C8B}C:\program files (x86)\common files\nokia\fuse\fuse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuse.exe |
"UDP Query User{7A30AEB7-85CB-474D-91B1-0FB7272B2797}C:\program files (x86)\nokia\phoenix\phoenix.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\phoenix\phoenix.exe |
"UDP Query User{7B87317F-D63A-43F1-8375-BF6BF9EF78E1}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe |
"UDP Query User{A568AD3E-D614-4DB9-B077-B06F07C8655E}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuseservice.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series" = Canon iP4600 series Printer Driver
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 266.44
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 266.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 266.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0904.1
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista
"{8E72B982-D54F-486F-B35A-C24B6F171029}" = Nero 7 Essentials
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EC50DAA7-4D63-4A7E-8D88-FA3F9FD09E4E}" = Phoenix Service Software
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FarmingSimulator2009DE_is1" = Landwirtschafts-Simulator 2009
"FLV Player" = FLV Player 2.0 (build 25)
"Fraps" = Fraps
"HappyFoto-Designer_is1" = HF Designer 2.7
"JAP" = JAP
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.1.0
"Lišta Centrum.cz Toolbar_is1" = Lišta Centrum.cz Toolbar 1.203.023.002
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.1.1000
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox 16.0.2 (x86 cs)" = Mozilla Firefox 16.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"NSS" = NSS (remove only)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.10.1652" = Opera 12.10
"Phoenix Service Software 2011.02.000.44842_is1" = Phoenix Service Software 2011.02.000.44842
"Phoenix Service Software 2012.24.000.48366_is1" = Phoenix Service Software 2012.24.000.48366
"PokerStars" = PokerStars
"Registrace uživatele zařízení Canon iP4600 series" = Registrace uživatele zařízení Canon iP4600 series
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"Zoner Photo Studio 9_is1" = Zoner Photo Studio 9

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12.11.2012 11:50:21 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 12.11.2012 11:50:21 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 12.11.2012 11:50:21 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 12.11.2012 11:50:21 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 12.11.2012 11:50:21 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 12.11.2012 11:50:21 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 12.11.2012 11:50:21 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 12.11.2012 11:50:21 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 12.11.2012 11:50:21 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 12.11.2012 11:50:21 | Computer Name = Tomas-PC | Source = Windows Search Service | ID = 3013
Description =

[ System Events ]
Error - 7.11.2012 10:48:39 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 7.11.2012 13:08:38 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 7.11.2012 13:10:55 | Computer Name = Tomas-PC | Source = WinDefend | ID = 2004
Description =

Error - 7.11.2012 13:13:18 | Computer Name = Tomas-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 9.11.2012 16:14:41 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 9.11.2012 16:18:45 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 10.11.2012 4:17:49 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 11.11.2012 15:01:38 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 12.11.2012 11:47:18 | Computer Name = Tomas-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (16:45:24, 12.11.2012) bylo neočekávané.

Error - 12.11.2012 11:59:26 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7009
Description =

< End of report >

tommmmm · #10 Příspěvek od **tommmmm** » 12 lis 2012 20:40

#11 Příspěvek od **vyosek** » 12 lis 2012 21:27

tommmmm píše:.

Toto si prosim odpustte

Odpovedi se dockate, ale ze svitim online, neznamena ze jsme na foru, nebo se mohu venovat cinnosti v internich sekcich (probirani dulezitych zmen na foru, skolka pro radce apod.)

Nase forum funguje na bazi dobrovolnosti - jsme tu zdarma a ve svem volnem case. Pokud chcete urgentni pomoc, mel jste si zaplatit specialistu, kde se muzete okamziteho reseni domahat. Podobne jednani co predvadite jen radce rozprudi a treba si odpoved necha az na konec

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={searchTerms}&toolbar=centrum-1.0.0
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes\{24AA6B4F-3602-4648-A04F-242008706730}: "URL" = http://www.google.com/cse?cx=partner-pu ... e=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes\{588570AF-4CCD-4918-B0DE-D574AA4F1D81}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes\{611370B5-0C25-44d9-AF93-75E9D5AB66C4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
IE - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={searchTerms}&toolbar=centrum-1.0.0
FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "Centrum.cz Search"
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q="
O2 - BHO: (CentrumczToolbar BHO) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Lišta Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-4146960782-3890957463-14812711-1000\..\Toolbar\WebBrowser: (Lišta Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\centrumcztoolbar - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
O33 - MountPoints2\{c0691049-65ed-11e0-8729-1c6f65a067d5}\Shell - "" = AutoRun
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\{83B334E7-5054-4EE0-BA50-85F2763579C2}\*.tmp files -> C:\Windows\Temp\{83B334E7-5054-4EE0-BA50-85F2763579C2}\*.tmp -> ]
[1 C:\Windows\Temp\{F1BA3C24-6B23-4542-A327-23E38E5E5C88}\*.tmp files -> C:\Windows\Temp\{F1BA3C24-6B23-4542-A327-23E38E5E5C88}\*.tmp -> ]
[2012.11.12 16:53:15 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=-
"DAEMON Tools Lite"=-
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
""=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=-
"QuickTime Task"=-
"WinampAgent"=-
"GrooveMonitor"=-
"Adobe ARM"=-

:files
c:\Users\Toumes\Desktop\CallRecorder_1_04\keygen.exe /d
c:\Users\Toumes\Desktop\Nová složka (3)\Call-of-Duty-6-Modern-Warfare-2-keygen.exe /d
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

tommmmm · #12 Příspěvek od **tommmmm** » 12 lis 2012 22:01

Moc se omlouvam, byla to ode me blbost

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
HKU\S-1-5-21-4146960782-3890957463-14812711-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ not found.
File C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\ not found.
File C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll not found.
HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\SearchScopes\{24AA6B4F-3602-4648-A04F-242008706730}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24AA6B4F-3602-4648-A04F-242008706730}\ not found.
Registry key HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\SearchScopes\{588570AF-4CCD-4918-B0DE-D574AA4F1D81}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{588570AF-4CCD-4918-B0DE-D574AA4F1D81}\ not found.
Registry key HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\SearchScopes\{611370B5-0C25-44d9-AF93-75E9D5AB66C4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{611370B5-0C25-44d9-AF93-75E9D5AB66C4}\ not found.
Registry key HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Prefs.js: "Centrum.cz Search" removed from browser.search.defaultenginename
Prefs.js: "Centrum.cz Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ not found.
File C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D5D47440-0750-463D-BAEF-A47D02414806} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
File C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-4146960782-3890957463-14812711-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
File C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\centrumcztoolbar\ not found.
File Protocol\Handler\centrumcztoolbar - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ not found.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ not found.
File Protocol\Handler\ms-help - No CLSID value found not found.
File C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\centrumcztoolbar\ not found.
File C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0691049-65ed-11e0-8729-1c6f65a067d5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c0691049-65ed-11e0-8729-1c6f65a067d5}\ not found.
File/Folder C:\Windows\Installer\*.tmp not found.
File/Folder C:\Windows\Temp\*.tmp not found.
File/Folder C:\Windows\Temp\{83B334E7-5054-4EE0-BA50-85F2763579C2}\*.tmp not found.
File/Folder C:\Windows\Temp\{F1BA3C24-6B23-4542-A327-23E38E5E5C88}\*.tmp not found.
File C:\Windows\Tasks\Adobe Flash Player Updater.job not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\BCU not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.
========== FILES ==========
File\Folder c:\Users\Toumes\Desktop\CallRecorder_1_04\keygen.exe not found.
File\Folder c:\Users\Toumes\Desktop\Nová složka (3)\Call-of-Duty-6-Modern-Warfare-2-keygen.exe not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Tomas
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: Tomas.Tomas-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Tomas.Tomas-PC.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Toumes
->Temp folder emptied: 305727353 bytes
->Temporary Internet Files folder emptied: 1202393123 bytes
->Java cache emptied: 506760 bytes
->FireFox cache emptied: 210791699 bytes
->Google Chrome cache emptied: 71107107 bytes
->Opera cache emptied: 11619478 bytes
->Flash cache emptied: 127439 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2576002430 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2218288281 bytes

Total Files Cleaned = 6 291,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Tomas

User: Tomas.Tomas-PC

User: Tomas.Tomas-PC.000
->Flash cache emptied: 0 bytes

User: Toumes
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Tomas

User: Tomas.Tomas-PC

User: Tomas.Tomas-PC.000
->Java cache emptied: 0 bytes

User: Toumes
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 11122012_214306

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#13 Příspěvek od **vyosek** » 12 lis 2012 22:09

Fajn, OTL udelalo co melo, jak se chova PC

tommmmm · #14 Příspěvek od **tommmmm** » 12 lis 2012 22:27

Ok nacitani internetu vypada jako drive

. Jen mi u MaM neustale vyskakuje hlaska o zablokovani: uspesne byl zablokovan pristup k potencialne skodlive webove strance 88.86.119.246.
Typ - odchozi
Port - 50577
Proces - avastsvc.exe
pokud dam vyjimku a zadam cestu k souboru tak to nepomaha (nejde mi stranka bazos.cz)

#15 Příspěvek od **vyosek** » 12 lis 2012 22:37

MalwareBytes doporucuji bud odinstalovat nebo vypnout a pouzivat jen obcas na jednorazovy sken...jinak muze byt v kolizi s antivirem

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

Komtrola

Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola

Re: Komtrola