
skype spam virus

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: skype spam virus

#16 Post by vyosek »

Download OTL from http://oldtimer.geekstogo.com/OTL.exe and save it to your desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • If you use a 64-bit OS, check whether the box next to For 64-bit OS is ticked; if it is not, tick it
  • Tick the For all users box
  • Tick the Check for "LOP" malware box
  • Tick the Check for "Purity" malware box
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, Custom scans/fixes

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Scan button
  • When the scan finishes (about 10 to 15 minutes), the logs OTL.txt and Extras.txt will appear; paste both of them here
  • If the logs are long (the forum will complain that the maximum number of characters was exceeded), split them across several posts

oceanik
Visitor
Posts: 30
Registered: 04 Feb 2013 14:27

Re: skype spam virus

#17 Post by oceanik »

OTL logfile created on: 22.2.2013 22:01:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jura\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,75 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 56,48% Memory free
5,49 Gb Paging File | 4,11 Gb Available in Paging File | 74,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 42,00 Gb Total Space | 3,26 Gb Free Space | 7,75% Space Free | Partition Type: NTFS
Drive D: | 423,76 Gb Total Space | 178,32 Gb Free Space | 42,08% Space Free | Partition Type: NTFS

Computer Name: JURA-NBNEPCOMG | User Name: Jura | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.02.19 23:19:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jura\Desktop\OTL.exe
PRC - [2013.01.20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.01.05 09:45:38 | 000,980,376 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.09.28 15:42:26 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2012.09.28 02:38:42 | 000,473,088 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.09.28 02:38:02 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012.04.24 22:56:23 | 000,624,856 | ---- | M] (Pandora.TV) -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
PRC - [2012.01.08 14:32:56 | 000,105,160 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2011.11.03 19:25:09 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.06.16 17:00:28 | 000,315,256 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.09.27 11:58:24 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010.05.06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.04.16 15:26:10 | 001,271,088 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
PRC - [2010.04.08 14:02:22 | 000,273,024 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2010.03.03 11:13:20 | 001,824,040 | ---- | M] (ManyCam LLC) -- C:\Program Files\ManyCam 2.4\ManyCam.exe
PRC - [2010.02.05 09:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010.02.04 13:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.01.13 13:24:48 | 000,509,320 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010.01.08 10:10:38 | 001,600,456 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2010.01.05 12:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009.12.15 09:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.12.07 15:37:06 | 000,303,744 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\System32\FBAgent.exe
PRC - [2009.06.19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 16:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe


========== Modules (No Company Name) ==========

MOD - [2013.02.14 10:17:51 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ba39e27ea796912fce296963622dfbae\WindowsFormsIntegration.ni.dll
MOD - [2013.02.14 10:15:14 | 012,079,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\3c91ba6c15b631f11c4c4d70985811ea\System.Web.ni.dll
MOD - [2013.02.14 00:38:01 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\789cdf96ae5e6e6c1e054d4c7bb241b3\System.Windows.Forms.ni.dll
MOD - [2013.01.11 14:36:38 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013.01.11 14:36:26 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ea93652e4752c75bc6fbb195b4eb864\System.Runtime.Remoting.ni.dll
MOD - [2013.01.11 01:18:55 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\fa20f188218a569fef1601627ecde6fe\PresentationFramework.ni.dll
MOD - [2013.01.11 01:18:40 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\51c79ab88752eff7bc0b3bfc6041fdef\PresentationCore.ni.dll
MOD - [2013.01.11 01:18:28 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\19385e0020f74f7f1c6b13c29f16b59e\WindowsBase.ni.dll
MOD - [2013.01.11 01:18:22 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013.01.11 01:18:18 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
MOD - [2013.01.11 01:18:17 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll
MOD - [2013.01.11 01:18:09 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013.01.11 01:18:09 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
MOD - [2013.01.11 01:18:08 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013.01.11 01:18:01 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012.09.28 15:42:42 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2012.01.08 14:32:56 | 000,567,496 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.dll
MOD - [2012.01.08 14:32:56 | 000,105,160 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
MOD - [2012.01.08 14:30:24 | 000,017,920 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\WifiStatus.dll
MOD - [2012.01.08 14:30:20 | 000,023,040 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\RecycleManager.dll
MOD - [2012.01.08 14:30:18 | 000,143,360 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\WebParser.dll
MOD - [2012.01.08 14:30:04 | 000,025,600 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\SysInfo.dll
MOD - [2012.01.08 14:29:56 | 000,020,992 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll
MOD - [2011.02.27 14:21:06 | 000,068,720 | ---- | M] () -- D:\programy\Miranda IM\plugins\shlext.dll
MOD - [2010.02.03 15:47:44 | 000,040,960 | ---- | M] () -- C:\Program Files\P4G\OvrClk.dll
MOD - [2010.01.11 09:27:36 | 000,012,800 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll
MOD - [2009.04.17 07:17:48 | 000,037,376 | ---- | M] () -- C:\Program Files\ManyCam 2.4\ImageLayer.dll
MOD - [2009.04.17 07:06:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ManyCam 2.4\VideoSrc.ax
MOD - [2009.04.17 07:06:32 | 000,331,776 | ---- | M] () -- C:\Program Files\ManyCam 2.4\InputFilter.ax
MOD - [2009.04.17 07:06:24 | 000,092,672 | ---- | M] () -- C:\Program Files\ManyCam 2.4\CrashRpt.dll
MOD - [2008.11.05 10:06:16 | 000,053,760 | ---- | M] () -- C:\Program Files\ManyCam 2.4\zlib.dll
MOD - [2008.07.28 09:34:06 | 000,057,344 | ---- | M] () -- C:\Program Files\ManyCam 2.4\cyltracker08.dll
MOD - [2008.03.30 15:22:42 | 000,070,144 | ---- | M] () -- C:\Program Files\PSPad editor\PSPadShell.dll
MOD - [2007.10.02 14:41:38 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2007.09.20 17:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2013.02.19 22:40:46 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.09 20:50:26 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.02 13:55:18 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.09.28 15:42:26 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012.09.28 02:38:02 | 000,217,600 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.24 22:56:23 | 000,624,856 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012.04.22 12:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.11.03 19:25:09 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.07.05 22:15:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.03.28 20:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011.03.16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.09.27 11:58:24 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010.05.06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.15 09:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.12.07 15:37:06 | 000,303,744 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\System32\FBAgent.exe -- (AFBAgent)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.15 16:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\vserial.sys -- (vserial)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTSimHid.sys -- (PTSimHid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTSimBus.sys -- (PTSimBus)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Jura\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (arfhsqws)
DRV - [2012.11.15 19:20:19 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012.10.02 20:03:10 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2012.09.28 03:20:20 | 009,107,968 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.09.28 02:12:10 | 000,370,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.05.14 07:12:28 | 000,086,656 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2012.04.22 12:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.04.09 10:13:58 | 000,048,256 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.2)
DRV - [2012.01.09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.19 01:46:06 | 000,026,112 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tapoas.sys -- (tapoas)
DRV - [2011.07.29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2011.07.29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011.04.26 11:21:06 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2011.04.23 19:30:16 | 000,028,936 | ---- | M] (WeOnlyDo Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wod0205.sys -- (wod0205)
DRV - [2011.01.18 17:38:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\programy\Visual\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2010.11.20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.09.27 11:56:00 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2010.08.01 22:01:04 | 000,026,112 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\remobo32.sys -- (hipeer20)
DRV - [2010.07.01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2010.05.06 21:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 21:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 21:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 21:34:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010.05.06 21:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.03.02 09:43:20 | 001,263,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010.02.25 04:27:00 | 000,098,928 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\JME.sys -- (JME)
DRV - [2009.12.22 01:26:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009.08.18 09:23:28 | 000,119,408 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2009.07.23 16:48:00 | 000,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.07.20 10:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.02 16:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2009.06.05 11:14:42 | 001,766,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009.05.13 08:06:48 | 000,014,392 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2009.05.05 03:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2009.03.30 02:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2008.11.16 18:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008.01.14 11:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007.05.02 10:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007.05.02 10:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007.05.02 10:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2007.01.18 20:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.07.24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\SearchScopes\{C0EFFB16-BB3B-4DFF-98FD-CE1FC9EBB753}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\SearchScopes\{C7A864F6-8AFE-4BA3-8B86-4CD86E2DF15E}: "URL" = http://websearch.ask.com/redirect?clien ... 72468667F0
IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher%40ea.com:5.0.196.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\4game.com/plugin: D:\programy\4game\npplugin4game.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Jura\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Jura\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jura\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jura\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Remobo\apps\Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Remobo\apps\Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.19 22:40:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.20 22:34:42 | 000,000,000 | ---D | M]

[2011.07.04 18:54:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jura\AppData\Roaming\Mozilla\Extensions
[2013.02.14 17:40:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\j6e48guo.default-1353018396439\extensions
[2013.01.11 00:58:46 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\j6e48guo.default-1353018396439\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.02.04 19:24:16 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\j6e48guo.default-1353018396439\extensions\battlefieldheroespatcher@ea.com
[2013.02.14 17:40:40 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\j6e48guo.default-1353018396439\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.19 22:40:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.02.19 22:40:47 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.19 22:40:43 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.19 22:40:43 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.19 22:40:43 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.19 22:40:42 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.19 22:40:42 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnckbpoocgdleejmfmafgmkngaipgol\2.3.4_0\
CHR - Extension: No name found = C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\14_0\
CHR - Extension: No name found = C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.0.2.14_0\
CHR - Extension: No name found = C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.02.11 00:38:15 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-3741011086-1165501081-336709912-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3741011086-1165501081-336709912-1000..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3741011086-1165501081-336709912-1000..\Run: [ManyCam] C:\Program Files\ManyCam 2.4\ManyCam.exe (ManyCam LLC)
O4 - Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jura\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jura\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.2.254 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10A3C7F9-D839-4438-ADDF-7BCB276FB438}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48AE9F0C-97F2-4D35-9BD8-896C8E56F8E4}: DhcpNameServer = 10.0.2.254 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89B0EC20-2CC4-482D-BBBF-A946F0E830FB}: DhcpNameServer = 193.179.143.3 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.02.20 17:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite 12
[2013.02.20 17:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2013.02.20 10:54:59 | 000,000,000 | ---D | C] -- C:\Users\Jura\.idlerc
[2013.02.19 23:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
[2013.02.19 23:31:19 | 000,000,000 | ---D | C] -- C:\Python27
[2013.02.19 23:19:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jura\Desktop\OTL.exe
[2013.02.19 22:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.02.19 11:43:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.02.19 11:42:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.02.19 11:35:04 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.02.19 11:35:04 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.02.19 11:35:04 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.02.19 11:34:59 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.02.19 10:00:36 | 005,034,457 | R--- | C] (Swearware) -- C:\Users\Jura\Desktop\ComboFix.exe
[2013.02.18 18:23:47 | 000,000,000 | ---D | C] -- C:\Users\Jura\Documents\SavedGames
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.02.22 22:03:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.02.22 21:09:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000UA.job
[2013.02.22 20:45:00 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.22 20:45:00 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.22 20:35:12 | 003,845,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.22 20:34:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.22 20:34:23 | 2212,884,480 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.21 18:30:57 | 000,000,059 | ---- | M] () -- C:\Users\Jura\Documents\aionmemo_5ad3dd88.dat
[2013.02.21 15:47:13 | 000,735,048 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.02.21 15:47:13 | 000,720,402 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.21 15:47:13 | 000,165,738 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.02.21 15:47:13 | 000,146,364 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.21 07:09:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000Core.job
[2013.02.19 23:19:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jura\Desktop\OTL.exe
[2013.02.19 10:01:02 | 005,034,457 | R--- | M] (Swearware) -- C:\Users\Jura\Desktop\ComboFix.exe
[2013.02.18 01:09:16 | 000,000,120 | ---- | M] () -- C:\Users\Jura\Documents\AutoHotkey.ahk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.02.22 22:03:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.02.19 11:35:04 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.02.19 11:35:04 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.02.19 11:35:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.02.19 11:35:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.02.19 11:35:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.10.18 07:19:00 | 000,000,017 | ---- | C] () -- C:\Users\Jura\AppData\Local\resmon.resmoncfg
[2012.10.09 10:14:23 | 000,000,400 | ---- | C] () -- C:\Windows\g_jdmjol307.ini
[2012.10.09 10:14:23 | 000,000,400 | ---- | C] () -- C:\Windows\System32\drivers\bdpnqch720.dat
[2012.10.02 20:37:55 | 000,045,270 | ---- | C] () -- C:\Users\Jura\AppData\Roaming\room_v3.dat
[2012.10.02 16:26:46 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2012.09.28 15:36:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.09.28 02:21:22 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.09.28 02:21:22 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.09.11 16:43:48 | 000,823,296 | ---- | C] () -- C:\Windows\j3dcore-d3d.dll
[2012.09.11 16:43:48 | 000,163,840 | ---- | C] () -- C:\Windows\j3dcore-ogl.dll
[2012.09.11 16:43:48 | 000,049,152 | ---- | C] () -- C:\Windows\j3dcore-ogl-chk.dll
[2012.09.11 16:43:48 | 000,040,960 | ---- | C] () -- C:\Windows\j3dcore-ogl-cg.dll
[2012.08.09 12:08:10 | 000,001,869 | ---- | C] () -- C:\Users\Jura\writer2latex.xml
[2012.06.06 15:36:51 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2012.06.06 15:34:55 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2012.06.06 08:37:56 | 000,000,400 | ---- | C] () -- C:\Windows\System32\drivers\ddpnqch193.dat
[2012.06.06 08:37:56 | 000,000,400 | ---- | C] () -- C:\Windows\d_jdmjol169.ini
[2012.05.23 16:31:02 | 000,632,252 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.04.17 09:14:31 | 000,000,615 | ---- | C] () -- C:\Windows\eReg.dat
[2012.02.07 18:06:12 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2012.02.07 18:06:11 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2012.02.07 18:06:11 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2012.02.07 18:06:11 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2012.02.07 18:06:11 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2012.01.01 23:11:08 | 000,000,056 | ---- | C] () -- C:\Windows\videotoaudio.ini
[2012.01.01 22:03:29 | 000,000,005 | ---- | C] () -- C:\Windows\System32\SySatm.dat
[2011.12.12 16:31:30 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2011.12.09 21:10:57 | 000,000,218 | ---- | C] () -- C:\Users\Jura\AppData\Local\recently-used.xbel
[2011.12.09 21:06:40 | 000,000,050 | ---- | C] () -- C:\Users\Jura\.gtk-bookmarks
[2011.11.30 18:52:09 | 000,968,192 | ---- | C] () -- C:\Windows\System32\alld42.dll
[2011.11.30 18:52:09 | 000,577,536 | ---- | C] () -- C:\Windows\System32\allp42.dll
[2011.11.30 18:52:09 | 000,272,384 | ---- | C] () -- C:\Windows\System32\alleg42.dll
[2011.11.21 09:22:20 | 000,217,088 | ---- | C] () -- C:\Windows\System32\WinTab32.dll
[2011.11.21 09:22:20 | 000,010,240 | ---- | C] () -- C:\Windows\System32\ucinst32.dll
[2011.11.21 09:22:16 | 000,335,872 | ---- | C] () -- C:\Windows\SetupX32.EXE
[2011.11.02 17:12:55 | 000,127,900 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.10.16 11:44:04 | 000,000,173 | ---- | C] () -- C:\Users\Jura\AppData\Local\msmathematics.qat.Jura
[2011.09.29 20:15:15 | 000,138,056 | ---- | C] () -- C:\Users\Jura\AppData\Roaming\PnkBstrK.sys
[2011.09.14 08:30:45 | 000,000,132 | ---- | C] () -- C:\Users\Jura\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.07.29 07:50:16 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.07.29 07:50:15 | 000,139,648 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.07.29 07:50:07 | 000,282,296 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.07.09 10:04:48 | 000,000,048 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.07.06 12:48:03 | 000,002,602 | ---- | C] () -- C:\Windows\System32\AutoRunFilter.ini
[2011.07.06 12:48:03 | 000,001,803 | ---- | C] () -- C:\Windows\System32\ServiceFilter.ini
[2011.07.06 12:48:03 | 000,000,105 | ---- | C] () -- C:\Windows\System32\FastBoot.ini
[2011.07.06 12:48:03 | 000,000,080 | ---- | C] () -- C:\Windows\System32\Defrag.ini
[2011.07.06 12:48:03 | 000,000,052 | ---- | C] () -- C:\Windows\System32\RemoveFont.ini
[2011.07.06 12:48:03 | 000,000,015 | ---- | C] () -- C:\Windows\System32\BootTime.ini
[2011.07.05 09:30:22 | 000,008,704 | ---- | C] () -- C:\Users\Jura\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.04 21:38:17 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[2011.07.04 21:38:10 | 001,766,592 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2011.07.04 21:38:10 | 000,035,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2011.07.04 18:53:55 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.07.04 18:53:48 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.07.04 18:53:47 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.07.04 18:53:46 | 000,631,808 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.07.04 18:53:46 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.07.04 18:53:46 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.07.03 11:24:17 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2011.07.03 11:19:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.10.13 13:30:23 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\.minecraft
[2011.12.09 18:14:41 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\.visualvm
[2013.02.21 17:53:02 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\AIMP3
[2013.02.13 19:34:05 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Aion RainMeter
[2011.07.09 14:41:59 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Ashampoo
[2011.11.06 19:05:02 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Audacity
[2012.07.10 16:17:44 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Benubird
[2013.02.22 22:07:28 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BitTorrent
[2011.09.12 18:57:01 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.06.30 08:49:34 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\CoSoSys
[2013.02.08 00:43:18 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools Lite
[2013.01.13 13:12:52 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Dev-Cpp
[2013.02.22 20:36:04 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Dropbox
[2012.06.30 10:22:45 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DVDVideoSoft
[2012.01.12 22:31:42 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.07.09 13:32:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\e-academy Inc
[2012.07.10 16:24:09 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Expert PDF 8
[2012.10.23 14:52:29 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GameRanger
[2012.10.03 19:32:43 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GarenaPlus
[2013.02.04 11:26:38 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GetRightToGo
[2011.11.20 13:25:05 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GHISLER
[2011.12.09 21:06:43 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\gtk-2.0
[2012.04.18 12:17:46 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Jitsi
[2011.07.29 07:36:13 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Leadertech
[2012.04.11 18:03:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Linphone
[2011.08.15 20:32:13 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\ManyCam
[2012.06.06 08:39:27 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\McNeel
[2011.07.04 20:07:22 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Miranda
[2012.05.25 09:31:11 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Nokia
[2011.07.19 10:39:05 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Nokia Ovi Suite
[2011.07.05 10:34:14 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\OpenOffice.org
[2011.08.10 13:41:18 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Opera
[2012.02.21 21:02:59 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Origin
[2012.07.29 12:05:07 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\PC Suite
[2012.01.01 22:37:34 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Publish Providers
[2012.11.05 16:06:41 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Quest Software
[2011.09.06 18:04:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Rainmeter
[2012.03.04 20:12:33 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Rovio
[2012.06.06 15:37:58 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Samsung
[2012.04.15 10:42:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Screaming Bee
[2011.11.28 21:51:55 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\SoftGrid Client
[2012.07.10 16:02:21 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Softland
[2011.11.12 19:09:41 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\TeamViewer
[2012.01.01 20:30:01 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Thinstall
[2012.07.10 16:26:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Tomahawk
[2011.09.26 18:15:27 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\TP
[2012.06.22 08:45:24 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\TS3Client
[2012.10.02 17:48:04 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Tunngle
[2011.12.13 16:04:47 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Unity
[2011.10.07 12:53:57 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\VBA-M
[2011.12.10 22:22:03 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\VisualAssist
[2012.08.13 07:55:35 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\VitySoft
[2011.11.30 13:24:14 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\WinEdt Team
[2012.10.02 18:44:51 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Wippien

========== Purity Check ==========

oceanik
Visitor
Posts: 30
Registered: 04 Feb 2013 14:27

Re: skype spam virus

#18 Post by oceanik »

========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,566 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013.02.14 07:04:42 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000Core.job
[2013.02.14 07:04:43 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000UA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache\scecli.dll
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\erdnt\cache\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}\*.tmp files -> C:\Windows\Installer\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\SoftGrid Client\140061.ENU-90140011-61-409\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\SoftGrid Client\140061.ENU-90140011-61-409\*.tmp -> ]
[5 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.10.13 13:30:23 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\.minecraft
[2011.12.09 18:14:41 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\.visualvm
[2013.02.20 18:20:38 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Adobe
[2013.02.21 17:53:02 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\AIMP3
[2013.02.13 19:34:05 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Aion RainMeter
[2012.05.22 15:05:37 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Apple Computer
[2011.07.09 14:41:59 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Ashampoo
[2011.07.03 11:19:27 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\ATI
[2011.11.06 19:05:02 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Audacity
[2012.07.10 16:17:44 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Benubird
[2013.02.22 22:15:46 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\BitTorrent
[2013.01.13 13:01:03 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\CodeBlocks
[2011.09.12 18:57:01 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.07.13 11:26:50 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Corel
[2012.06.30 08:49:34 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\CoSoSys
[2013.02.08 00:43:18 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DAEMON Tools Lite
[2013.01.13 13:12:52 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Dev-Cpp
[2012.10.08 15:14:09 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Download Manager
[2013.02.22 20:36:04 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Dropbox
[2012.06.30 10:22:45 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DVDVideoSoft
[2012.01.12 22:31:42 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.07.09 13:32:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\e-academy Inc
[2012.07.10 16:24:09 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Expert PDF 8
[2012.10.23 14:52:29 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GameRanger
[2012.10.03 19:32:43 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GarenaPlus
[2013.02.04 11:26:38 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GetRightToGo
[2011.11.20 13:25:05 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GHISLER
[2011.07.05 09:58:55 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\GRETECH
[2011.12.09 21:06:43 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\gtk-2.0
[2012.10.03 20:13:24 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Hamachi
[2011.07.03 11:04:50 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Identities
[2011.11.27 22:59:09 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\InstallShield
[2012.04.18 12:17:46 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Jitsi
[2011.07.29 07:36:13 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Leadertech
[2012.04.11 18:03:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Linphone
[2011.07.04 19:21:08 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Macromedia
[2011.08.15 20:32:13 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\ManyCam
[2012.06.06 08:39:27 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\McNeel
[2011.08.10 09:23:27 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Media Center Programs
[2012.09.28 06:52:05 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Media Player Classic
[2012.12.01 14:24:10 | 000,000,000 | --SD | M] -- C:\Users\Jura\AppData\Roaming\Microsoft
[2011.10.24 14:34:30 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Microsoft Corporation
[2011.11.30 13:14:15 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\MiKTeX
[2011.07.04 20:07:22 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Miranda
[2012.01.26 20:04:41 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\mIRC
[2013.02.05 09:03:49 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Mozilla
[2011.08.01 15:18:20 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Nero
[2012.05.25 09:31:11 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Nokia
[2011.07.19 10:39:05 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Nokia Ovi Suite
[2011.07.05 10:34:14 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\OpenOffice.org
[2011.08.10 13:41:18 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Opera
[2012.02.21 21:02:59 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Origin
[2012.07.29 12:05:07 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\PC Suite
[2011.11.20 18:45:38 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\PSpad
[2012.01.01 22:37:34 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Publish Providers
[2012.11.05 16:06:41 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Quest Software
[2011.09.06 18:04:53 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Rainmeter
[2012.03.04 20:12:33 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Rovio
[2012.06.06 15:37:58 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Samsung
[2012.04.15 10:42:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Screaming Bee
[2013.02.22 22:00:42 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Skype
[2013.02.04 00:05:35 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\skypePM
[2011.11.28 21:51:55 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\SoftGrid Client
[2012.07.10 16:02:21 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Softland
[2011.11.12 19:09:41 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\TeamViewer
[2012.01.01 20:30:01 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Thinstall
[2012.07.10 16:26:10 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Tomahawk
[2011.09.26 18:15:27 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\TP
[2012.06.22 08:45:24 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\TS3Client
[2012.10.02 17:48:04 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Tunngle
[2011.12.13 16:04:47 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Unity
[2011.10.07 12:53:57 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\VBA-M
[2011.12.10 22:22:03 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\VisualAssist
[2012.08.13 07:55:35 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\VitySoft
[2012.04.18 11:22:50 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\VMware
[2011.11.30 13:24:14 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\WinEdt Team
[2011.07.04 20:02:35 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\WinRAR
[2012.10.02 18:44:51 | 000,000,000 | ---D | M] -- C:\Users\Jura\AppData\Roaming\Wippien

< %APPDATA%\*.exe /s >
[2013.02.13 19:33:26 | 000,833,536 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\Aion RainMeter\ArmUpdater.exe
[2013.01.20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013.01.20 20:29:54 | 000,203,264 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2012.05.24 19:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 19:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jura\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2007.03.22 11:46:42 | 000,126,976 | ---- | M] () -- C:\Users\Jura\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2012.11.02 13:13:04 | 000,053,664 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Jura\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.10.12 18:02:24 | 000,043,385 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}\_112D608FD02CD87FDC7735.exe
[2011.10.12 18:02:24 | 000,043,385 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}\_1A508631B9BA7A5663EE5C.exe
[2011.10.12 18:02:24 | 000,032,579 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}\_853F67D554F05449430E7E.exe
[2012.09.25 22:29:59 | 000,088,102 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{4CF63D66-56F0-0224-6C62-FBCB4C68578C}\ARPPRODUCTICON.exe
[2012.07.09 13:32:10 | 000,009,662 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{6CEF2BC6-8929-44EE-8360-175513E1A49A}\_112D608FD02CD87FDC7735.exe
[2012.07.09 13:32:10 | 000,009,662 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{6CEF2BC6-8929-44EE-8360-175513E1A49A}\_853F67D554F05449430E7E.exe
[2012.07.09 13:32:10 | 000,009,662 | R--- | M] () -- C:\Users\Jura\AppData\Roaming\Microsoft\Installer\{6CEF2BC6-8929-44EE-8360-175513E1A49A}\_D741DE45EC951A9C783889.exe
[2012.11.12 18:38:00 | 001,361,896 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\j6e48guo.default-1353018396439\extensions\battlefieldheroespatcher@ea.com\plugins\BFHUpdater.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.02.21 07:09:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000Core.job
[2013.02.22 22:09:04 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.02.22 20:45:00 | 000,026,576 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.22 20:45:00 | 000,026,576 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.22 20:35:12 | 003,845,144 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2013.02.21 15:47:13 | 000,165,738 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.02.21 15:47:13 | 000,146,364 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.02.21 15:47:13 | 000,735,048 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.02.21 15:47:13 | 000,720,402 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.02.21 15:47:13 | 001,768,508 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ManyCam" = "C:\Program Files\ManyCam 2.4\ManyCam.exe" -- [2010.03.03 11:13:20 | 001,824,040 | ---- | M] (ManyCam LLC)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 22:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\skype.exe" /minimized /regrun -- [2012.07.13 13:33:24 | 017,418,928 | R--- | M] (Skype Technologies S.A.)
"BitTorrent" = "C:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED -- [2013.01.05 09:45:38 | 000,980,376 | ---- | M] (BitTorrent, Inc.)
"ISUSPM Startup" = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup -- [2004.06.16 05:03:26 | 000,221,184 | ---- | M] (InstallShield Software Corporation)
"AdobeBridge" =
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Software]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Software\Microsoft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Software\Microsoft\Windows]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Software\Microsoft\Windows\CurrentVersion]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Software\Microsoft\Windows\CurrentVersion\Run]

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.02.19 22:40:47 | 000,917,400 | ---- | M] (Mozilla Corporation) MD5=050D1C454A49D4DF8EB5222D352B6630 -- C:\Program Files\Mozilla Firefox\firefox.exe
[304 C:\Program Files\Mozilla Firefox\*.tmp files -> C:\Program Files\Mozilla Firefox\*.tmp -> ]

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.01.08 23:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2013.02.10 16:23:06 | 000,879,456 | ---- | M] (Opera Software) MD5=2ABD166EC31BE154D8CBEEC5D7F5714C -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.01.26 03:35:08 | 001,248,208 | ---- | M] (Google Inc.) MD5=0654E4C1F597FC07D6FC7443D4F94840 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.02.22 22:03:55 | 000,000,512 | ---- | M] () MD5=354F4227EA3FCEB4EA240D5634E337C4 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2002.12.18 17:10:46 | 000,092,827 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Bumpmap\Cracks.cpt
[2002.12.16 18:44:50 | 000,016,068 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Canvas\cracks2c.pcx
[2002.12.16 18:44:30 | 000,010,560 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Tiles\CRACKS2M.CPT
[2012.07.16 00:19:08 | 000,000,922 | ---- | M] () -- \Users\Jura\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fimages.jesuslovesporn.net%2Fsource_galleries%2Finthecrack-649-abelia%2F08.png
[2012.12.11 08:41:50 | 000,000,371 | ---- | M] () -- \Users\Jura\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.inthecrack.in%2Ffavicon.png
[2012.12.11 08:42:09 | 000,000,990 | ---- | M] () -- \Users\Jura\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.inthecrack.in%2Fgals%2F03122012%2Finthecrack%2Fimages%2F5.png
[2011.10.06 15:09:49 | 000,002,745 | ---- | M] () -- \Users\Jura\AppData\Roaming\BitTorrent\Portal.2.Crack.Fix-SKIDROW.torrent
[2013.02.20 18:15:32 | 000,000,463 | ---- | M] () -- \Users\Jura\AppData\Roaming\Microsoft\Windows\Recent\Návod Crack 32-Bit.txt.lnk

< *keygen* /s >

< *loader* /s >
[2012.02.28 10:59:38 | 001,295,512 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll
[2010.03.18 22:21:56 | 000,063,312 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.17 23:17:14 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2012.12.06 23:38:40 | 000,268,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2012.12.06 23:38:40 | 000,019,000 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.03.01 19:23:20 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2012.02.22 14:35:34 | 011,566,704 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\FreeUploaderForFacebook.exe
[2011.10.04 20:20:00 | 000,000,281 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\FreeUploaderForFacebook.xml
[2012.02.22 14:35:34 | 000,507,504 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\FreeUploaderForFacebookStub.exe
[2012.02.22 14:32:10 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\de-DE\FreeUploaderForFacebook.resources.dll
[2012.02.22 14:32:10 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\es-ES\FreeUploaderForFacebook.resources.dll
[2012.02.22 14:32:10 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\fr-FR\FreeUploaderForFacebook.resources.dll
[2012.02.22 14:32:10 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\it-IT\FreeUploaderForFacebook.resources.dll
[2012.02.22 14:32:10 | 000,006,656 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\ja-JP\FreeUploaderForFacebook.resources.dll
[2012.02.22 14:32:10 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\nl-NL\FreeUploaderForFacebook.resources.dll
[2012.02.22 14:32:10 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\pl-PL\FreeUploaderForFacebook.resources.dll
[2012.02.22 14:32:10 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\pt-PT\FreeUploaderForFacebook.resources.dll
[2012.02.22 14:32:10 | 000,006,656 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\ru-RU\FreeUploaderForFacebook.resources.dll
[2012.02.22 14:32:10 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\zh-CHS\FreeUploaderForFacebook.resources.dll
[2012.02.22 14:32:10 | 000,005,120 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\zh-CHT\FreeUploaderForFacebook.resources.dll
[2012.02.28 10:59:34 | 000,041,112 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Download\DVDVideoSoft.DVSVideoDownloader.dll
[2012.02.28 10:59:34 | 000,069,272 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube to DVD Converter\DVDVideoSoft.DownloaderYT2DvdAppExt.dll
[2012.02.28 10:59:34 | 000,041,112 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube to DVD Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2012.02.28 10:59:34 | 000,041,112 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube to iPhone Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2012.02.28 10:59:34 | 000,041,112 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube to iPod Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2012.02.28 10:59:34 | 000,041,112 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube to MP3 Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2012.02.28 10:59:34 | 001,571,480 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\FreeYouTubeUploader.exe
[2012.01.10 15:14:52 | 000,000,332 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\FreeYouTubeUploader.xml
[2012.02.22 14:31:56 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\de-DE\FreeYouTubeUploader.resources.dll
[2012.02.22 14:31:56 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\es-ES\FreeYouTubeUploader.resources.dll
[2012.02.22 14:31:56 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\fr-FR\FreeYouTubeUploader.resources.dll
[2012.02.22 14:31:56 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\it-IT\FreeYouTubeUploader.resources.dll
[2012.02.22 14:31:56 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\ja-JP\FreeYouTubeUploader.resources.dll
[2012.02.22 14:31:56 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\nl-NL\FreeYouTubeUploader.resources.dll
[2012.02.22 14:31:56 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\pl-PL\FreeYouTubeUploader.resources.dll
[2012.02.22 14:31:56 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\pt-PT\FreeYouTubeUploader.resources.dll
[2012.02.22 14:31:56 | 000,009,728 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\ru-RU\FreeYouTubeUploader.resources.dll
[2012.02.22 14:31:56 | 000,008,704 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\zh-CHS\FreeYouTubeUploader.resources.dll
[2012.02.22 14:31:56 | 000,008,704 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\zh-CHT\FreeYouTubeUploader.resources.dll
[2012.06.26 02:53:26 | 000,174,800 | ---- | M] () -- \Program Files\Cheat Engine 6.2\Kernelmoduleunloader.exe
[2011.12.09 13:01:17 | 000,002,941 | ---- | M] () -- \Program Files\Java\jdk1.7.0_01\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2011.12.09 13:01:17 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0_01\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2011.12.09 13:01:18 | 001,138,236 | ---- | M] () -- \Program Files\Java\jdk1.7.0_01\lib\visualvm\platform\modules\org-openide-loaders.jar
[2011.12.09 13:01:18 | 000,007,002 | ---- | M] () -- \Program Files\Java\jdk1.7.0_01\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2011.12.09 13:01:18 | 000,006,658 | ---- | M] () -- \Program Files\Java\jdk1.7.0_01\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2011.12.09 13:01:18 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.7.0_01\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2009.07.23 04:08:52 | 000,019,992 | ---- | M] () -- \Program Files\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2012.02.11 09:00:10 | 000,026,200 | ---- | M] () -- \Program Files\Microsoft SQL Server\110\Tools\Binn\SqlResourceLoader.dll
[2009.07.23 04:08:52 | 000,019,992 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SqlResourceLoader.dll
[304 \Program Files\Mozilla Firefox\*.tmp files -> \Program Files\Mozilla Firefox\*.tmp -> ]
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.01.15 16:58:56 | 000,006,308 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.05.10 13:43:43 | 000,006,687 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.pyc
[2009.01.15 01:36:48 | 000,015,872 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2009.01.15 17:43:24 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2009.01.14 19:42:58 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2009.01.15 00:59:36 | 000,003,872 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2007.04.03 10:05:20 | 000,018,944 | ---- | M] () -- \Program Files\Samsung\Samsung PC Studio 3\CMLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2006.12.23 16:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.04.03 17:00:19 | 000,001,501 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Uploader for Facebook.lnk
[2012.04.03 17:00:19 | 000,001,446 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube Uploader.lnk
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2011.03.08 09:43:28 | 000,013,734 | ---- | M] () -- \Python27\Lib\unittest\loader.py
[2011.03.08 09:43:28 | 000,050,487 | ---- | M] () -- \Python27\Lib\unittest\test\test_loader.py
[2012.04.03 17:00:19 | 000,001,501 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Uploader for Facebook.lnk
[2012.04.03 17:00:19 | 000,001,446 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube Uploader.lnk
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.11.16 15:48:25 | 000,013,317 | ---- | M] () -- \Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\14_0\images\1024\page\loader-logo.png
[2013.02.04 11:30:14 | 000,006,093 | ---- | M] () -- \Users\Jura\AppData\Local\Max Secure Software\MaxDownloadTemp\maxdownloader.log
[2013.02.19 11:46:31 | 000,105,903 | ---- | M] () -- \Users\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EGAWOGS\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.02.19 11:46:31 | 000,000,753 | ---- | M] () -- \Users\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVO0743M\AdLoader[1].htm
[2012.06.08 03:09:00 | 000,385,792 | ---- | M] () -- \Users\Jura\AppData\Local\MicrosoftStore\downloader.bundle
[2012.03.16 17:32:00 | 000,687,520 | ---- | M] () -- \Users\Jura\AppData\Local\MicrosoftStore\downloader.dll
[2012.10.13 13:30:01 | 000,003,350 | ---- | M] () -- \Users\Jura\AppData\Roaming\.minecraft\ModLoader.txt
[2011.05.18 15:59:04 | 000,002,452 | ---- | M] () -- \Users\Jura\AppData\Roaming\.minecraft\ModLoader.txt.1
[2012.10.13 13:30:00 | 000,001,215 | ---- | M] () -- \Users\Jura\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2012.08.29 17:05:55 | 000,001,043 | ---- | M] () -- \Users\Jura\Desktop\FreeRapid Downloader.lnk
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010.11.21 02:16:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.21 02:16:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2010.11.21 02:16:08 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2010.11.20 22:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010.11.20 22:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010.11.20 22:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010.11.21 02:15:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.20 22:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.09.01 09:28:02 | 000,003,451 | ---- | M] () -- \www\cakephp\lib\Cake\TestSuite\CakeTestLoader.php

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

oceanik
Visitor
Posts: 30
Registered: 04 Feb 2013 14:27

Re: skype spam virus

#19 Post by oceanik »

OTL Extras logfile created on: 22.2.2013 22:01:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jura\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,75 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 56,48% Memory free
5,49 Gb Paging File | 4,11 Gb Available in Paging File | 74,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 42,00 Gb Total Space | 3,26 Gb Free Space | 7,75% Space Free | Partition Type: NTFS
Drive D: | 423,76 Gb Total Space | 178,32 Gb Free Space | 42,08% Space Free | Partition Type: NTFS

Computer Name: JURA-NBNEPCOMG | User Name: Jura | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-3741011086-1165501081-336709912-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- D:\programy\PS CS5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E16D233-659B-4642-B4FB-5736D2D750B8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{112F748A-D816-489D-A526-D7E7E387A66B}" = rport=139 | protocol=6 | dir=out | app=system |
"{21F6F244-F5C7-4EC1-9C0F-268C4149F804}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2FFE495F-C5BC-465F-ACDB-B137957998E9}" = lport=138 | protocol=17 | dir=in | app=system |
"{3E89B0CF-32F7-4C0D-BB09-0F5C0A2975C3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4623C3DC-E677-4734-84DB-03FA5B9E1529}" = lport=49183 | protocol=6 | dir=in | name=akamai netsession interface |
"{4D437E67-C76D-441E-B303-64D6B007F9AD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{50AB853D-1F56-4F7A-AB6D-D463F83C1246}" = lport=57573 | protocol=6 | dir=in | name=pando media booster |
"{57A50496-75A4-4F1F-A18E-9C996D11B65F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5FBA10C8-AC4D-4719-9DB2-A8E77BF9E8C1}" = rport=445 | protocol=6 | dir=out | app=system |
"{6F8B7C75-1032-4316-889D-0CBC3AA775E5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7ABCDC11-6E2B-4BDC-BDCB-AD533F3623DC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7AE623FF-AEA5-486D-B39D-CBA1E20D13D6}" = lport=57573 | protocol=17 | dir=in | name=pando media booster |
"{7BA525BC-4C58-4DDD-A0FE-FD0D73F329E5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D3BE999-01DE-4B54-969B-6422726C9374}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7EDD02CC-EB88-453A-9F98-5597EE0070C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{834F23D8-93BC-4D9F-A664-CF225B21334F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{86BB57DC-925C-443D-9DE7-C1979DC51B0C}" = lport=56628 | protocol=6 | dir=in | name=pando media booster |
"{88F97DB3-F644-4DF7-B988-D695BD8D8CCE}" = lport=57573 | protocol=17 | dir=in | name=pando media booster |
"{8C1AA0C6-24D7-48AB-BE56-3A3FFE8F5CD7}" = lport=445 | protocol=6 | dir=in | app=system |
"{8CE84963-6F88-4464-90EC-048FD08FECBE}" = lport=137 | protocol=17 | dir=in | app=system |
"{90792621-22C2-446F-9931-D4F6A107EFD8}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{A303822D-339C-430C-9867-84CA12B01508}" = lport=56628 | protocol=17 | dir=in | name=pando media booster |
"{A8632997-4765-418E-95CF-4930651F4437}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A98866A7-3E15-4B3B-B33F-D635AFE76F67}" = lport=56628 | protocol=17 | dir=in | name=pando media booster |
"{AF66006F-2058-42E5-8E94-23B4DBE2BEAF}" = lport=57573 | protocol=6 | dir=in | name=pando media booster |
"{B0C0F837-F5C5-4228-A2B7-9B6D6BB2B3D9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B11A3405-E811-4494-9928-1D913A8FD140}" = rport=138 | protocol=17 | dir=out | app=system |
"{B779947A-C725-4209-96C3-F78C64CCF7ED}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CBD97432-C66C-4B5D-85BD-1A84213B2B41}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D391EE94-5C30-4130-92E6-005EE1B0BD60}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D41E602D-5F81-4056-9593-679BF4B3775A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DFBDA40C-16A0-4B39-9302-4082737FCD69}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EAC10557-81DD-4B4F-9DE1-AEF421649C99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EEE111FD-5EF4-434F-BA2A-024F083A6A64}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F055C3AE-DF90-4E5C-B00D-1A16C65CD17C}" = rport=137 | protocol=17 | dir=out | app=system |
"{F2EB28FF-4A01-47FD-B21B-2675524F2016}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F4293769-21F1-486B-ACEC-D4222D86D50F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F6441DBA-2437-4D63-9EC9-869C5883428C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6CD272A-D4E0-44C8-96CC-41FBBDB6C079}" = lport=56628 | protocol=6 | dir=in | name=pando media booster |
"{FEED8170-2CEF-4141-939F-41ECB5BF8213}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CAE7156-9DA8-4688-82DE-81ACA0E68B3C}" = protocol=6 | dir=in | app=c:\program files\java\jdk1.7.0_01\bin\java.exe |
"{0F430C38-748E-4EF4-9E4E-BB147E6C1DDC}" = protocol=17 | dir=in | app=c:\program files\java\jdk1.7.0_01\bin\java.exe |
"{0F60CB9F-F7CA-4369-AC27-4E09489A52D7}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{12069738-A68A-400D-9F49-2CE8094B30B5}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{157B865C-3F5E-4EA3-9DAC-45B43D9724DE}" = protocol=17 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"{173507C7-6746-4AF4-AC3C-435B187DEF64}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{1818D451-40DF-4CDE-B9AD-3680354292FE}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{1C8118DF-2C8C-47ED-9BE2-38430CDE93DF}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{1CA20517-5116-4E09-B241-42DCD07C866B}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{1DF98AF5-23C7-42E5-BF77-4D752923AD4D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1E8A554D-6F31-4F8D-B11A-863B0BA117C1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2366089C-D3B0-4E99-94EB-F661BA7295D2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{24F7611D-7135-4680-8F47-CE1903104835}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{26CAC47F-2FF3-4384-851B-7AFF3EBAD173}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2CD62129-132B-4A74-BED7-7B892317AAC5}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{32A6C6E6-97E3-4C02-A4DE-A176A0DDB9E8}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{37A370F3-4638-47E2-9525-B9C795B0C58F}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{3816CACE-31F8-4BD2-8324-7263E1802D4F}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"{3A6172C5-04CC-4011-B6CF-57EFCAD8FB59}" = protocol=6 | dir=in | app=c:\users\jura\appdata\roaming\dropbox\bin\dropbox.exe |
"{3C1DDA13-1E53-4AF1-8D64-C4A0EA38A97B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3D541209-6A48-43DA-9C38-924B5715DDBB}" = protocol=17 | dir=in | app=c:\users\jura\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{4252BAE6-C768-4415-9043-AF207EC17C7F}" = protocol=6 | dir=in | app=c:\users\jura\appdata\roaming\dropbox\bin\dropbox.exe |
"{44E68658-CD09-4C6B-BF25-FE8B6C368F72}" = protocol=17 | dir=in | app=c:\users\jura\appdata\local\vghd\bin\virtuagirl_downloader.exe |
"{46404571-245B-490C-B5D0-675DE8D68D5C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{496273EE-D4A2-4A9B-8663-3CA16BEB4451}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{4AE2CEC9-38CE-4754-B2BF-F2030440BD00}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{4D6D5975-EC22-4A0D-8C23-6CA9C822FC6D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5675AED3-7D6E-443A-ADA8-6CD2AE9576C4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{627765A2-6FE1-47DA-9E26-A9476D8433AC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63B27AAE-ADD2-4782-93E6-EDEE87C12CCE}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{69189535-753F-4824-B580-5DB54E2D31E8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{691A3D8A-5D36-4AB6-B1A0-5D6E0C3D02C9}" = protocol=17 | dir=in | app=c:\users\jura\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{6A474CD0-3624-42F4-9BDE-DA096A93694D}" = protocol=6 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"{6CF4BAA1-28F6-45DF-8D64-3CBF3C339094}" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"{7147AEC3-5715-43F2-8779-01D6D8B08AD9}" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"{717B0931-0564-4913-AA64-17404FCFC6DC}" = protocol=6 | dir=in | app=c:\users\jura\appdata\local\vghd\bin\virtuagirl_downloader.exe |
"{79989C14-D5F4-4865-B244-6C30DDC120A2}" = protocol=6 | dir=in | app=c:\users\jura\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{7AFAC581-DA4A-401A-B063-F3AB30F67D88}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe |
"{7AFAE8FF-2A30-4742-8ACD-D291C86B6758}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{7B517D5D-55F1-4301-A7F8-CE8C4F2DB3FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7CB07F8C-8C5D-498E-A797-5E55DF1B4515}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{7ED20354-B552-41DC-9F20-3CC763A935D5}" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{812A88F0-FC00-482B-80A7-01D26DA74393}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{88BA5BF9-EE46-487A-BDCD-451F9A925B9E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{89529C5B-5FC0-4DE8-ACD6-DFF72F7E5F90}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{8ADBCC5F-E6EB-4596-87E8-CEDCA0EAA978}" = protocol=17 | dir=in | app=c:\users\jura\appdata\local\vghd\bin\virtuagirl_downloader.exe |
"{92002F1C-77AC-48D6-AF2C-85AEEEA64DD2}" = protocol=6 | dir=in | app=c:\users\jura\appdata\local\vghd\bin\virtuagirl_downloader.exe |
"{95407A6B-FB52-476A-8178-7C86AD8FE112}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{974BB095-731F-41F8-A336-6AD8480DA574}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{974E2A90-CA61-438F-B232-CF0BFEC83597}" = protocol=17 | dir=in | app=c:\users\jura\appdata\local\akamai\netsession_win.exe |
"{98C5FC30-A8A8-4B90-9275-DFD0056017AE}" = protocol=17 | dir=in | app=c:\users\jura\appdata\roaming\dropbox\bin\dropbox.exe |
"{995FECD6-48A7-48FE-98F2-62E9CBAB4A25}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A151816-9494-4FF5-AC5C-74F47592ACBC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{9A82AE17-EA09-4A37-A891-5B81AB28C120}" = protocol=17 | dir=in | app=c:\users\jura\appdata\roaming\dropbox\bin\dropbox.exe |
"{9BC93A57-8166-4FB6-9B9E-233D313535A7}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{A1169224-0131-418C-924A-3100DEE68761}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A13C4BE3-4BDE-43DE-BC2C-34C5BC4DADFD}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{A4918D2D-F205-40B5-A95E-DD5A71524E79}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"{AE64FFBA-8B42-4839-9106-7596435DA73E}" = protocol=6 | dir=in | app=c:\users\jura\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{B16F7B0B-1243-4D00-95DD-1E1408874EA3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B18B1F43-1B45-4EF9-9701-ED78AC6C8FCA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B30EA05C-BD72-4ED9-B920-99D7A9AF4489}" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"{B3DC8762-9864-418A-828C-17BAFA1A62D1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\torchlight ii\torchlight2demo.exe |
"{B3FFCB6B-3215-41C1-B736-3B4DFD08889F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{B99379B6-41CF-47D9-8989-ABB9271F4093}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B9AC9BE2-F159-449E-98BF-FF05A7817278}" = protocol=6 | dir=out | app=system |
"{BC30A2F3-321F-4CA7-84C1-507BEFC64656}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C184DCE4-8F87-4D7F-9C97-D539BD5BD118}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C53F46C3-BCD4-49EB-B50E-7C066DC6582A}" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"{C77DBE79-B0E7-44DD-90EE-EA12B9CEBA0D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{D8E7450D-1479-4E94-B0FE-62999B296369}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DB9519D7-3768-4DFD-8346-687817B4AE60}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{DD27A014-FB92-4882-8EA2-2342768F3483}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\torchlight ii\torchlight2demo.exe |
"{DE0131B1-1F14-4CEF-B643-5041DE102B7A}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{DFC9B899-48EB-41D8-B92E-0A53387B708D}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{E390A02F-3E38-4186-AC42-2149EF4E397B}" = protocol=6 | dir=in | app=c:\users\jura\appdata\local\akamai\netsession_win.exe |
"{E7BCC299-BE61-4A26-8C6B-DE63DDF993E2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E7F47F46-2087-4784-9F4F-BBB2C5271099}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EB2EFC4E-D7CA-4A5F-8AE6-2C1DFC047CA6}" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{EC194238-FA60-4706-AF55-32FD4E3A35DA}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{F781739F-17BE-4B5C-870E-4B5A94FE4102}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{F7B674D4-A8AD-49D1-A0E2-26A22903D293}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{F9DFD062-EF13-4F57-AE42-1F0FBF4CE996}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FEC9B714-A48D-4371-8855-6CD15E7E7B2A}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{FFA05FF5-EC8C-4E67-92A0-8520D491C29D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{29CC8556-15B4-4748-970C-9BBE7AC2BE25}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{44F975F6-5646-4E4B-B077-21407F7509C8}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{456008C5-84BD-46B7-A127-77C3D471D250}D:\hry\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\hry\borderlands\binaries\borderlands.exe |
"TCP Query User{55B2AE27-5669-42BD-8EF4-979AC95D6EE3}D:\programy\miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"TCP Query User{646E8E7B-1317-4B6D-AFBE-7C71B30C297E}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{700932F5-521E-47BA-8F8C-F078888E0472}C:\program files\java\jdk1.7.0_01\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.7.0_01\bin\java.exe |
"TCP Query User{7998FA2E-6032-4EB2-ACF7-B65D6DB6C496}D:\hry\bfh\bfheroes.exe" = protocol=6 | dir=in | app=d:\hry\bfh\bfheroes.exe |
"TCP Query User{813232D5-824E-4FD3-9851-EE86C467AF93}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{94F6B260-E1B6-4680-A908-D9E16F895D2D}C:\users\jura\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\jura\appdata\local\akamai\netsession_win.exe |
"TCP Query User{B23B9F8E-81F8-4185-BA6B-3DA690BC80B3}D:\hry\2k\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\hry\2k\binaries\borderlands.exe |
"TCP Query User{CA895737-B0A9-4962-8FEE-389E25D9E930}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{D3997F60-0033-4F14-B291-678246E50F49}C:\users\jura\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\jura\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{F16D00DA-B2BA-4925-AEC1-5A28DC995B13}D:\hry\2k\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\hry\2k\binaries\borderlands.exe |
"TCP Query User{FF64401F-DC79-408E-A0AA-1DAA2959DAE3}C:\program files\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files\garena plus\room\garena_room.exe |
"UDP Query User{012B4454-F59E-41C0-9419-730C922635CA}D:\hry\bfh\bfheroes.exe" = protocol=17 | dir=in | app=d:\hry\bfh\bfheroes.exe |
"UDP Query User{3646C8FC-BB56-4402-B660-A0230399454A}D:\hry\2k\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\hry\2k\binaries\borderlands.exe |
"UDP Query User{4002CB1C-8396-4B96-BDA2-B936CEFEAADB}C:\program files\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files\garena plus\room\garena_room.exe |
"UDP Query User{452AC3C9-E007-46F1-BC2C-0956B514F66E}D:\hry\2k\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\hry\2k\binaries\borderlands.exe |
"UDP Query User{46016FE7-3BE0-470D-B969-4154A0488054}D:\hry\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\hry\borderlands\binaries\borderlands.exe |
"UDP Query User{4F7FB7C2-8337-4185-B469-C6CD89BC6550}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{50B173F5-728C-44AA-9B28-4EBA26CFBCC0}C:\program files\java\jdk1.7.0_01\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.7.0_01\bin\java.exe |
"UDP Query User{6CD2816E-7BBD-426E-811A-63953776CFE3}D:\programy\miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"UDP Query User{7BA77C8B-A134-4D9E-8E36-D6FAD828238D}C:\users\jura\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\jura\appdata\local\akamai\netsession_win.exe |
"UDP Query User{7E31720D-639D-4C31-AA5F-6B95FDF93D28}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{84D5B659-F3E2-4B42-A84B-E405760AC5FD}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{9EA9E0A2-C786-4DFC-9477-C566E3C7C1EA}C:\users\jura\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\jura\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{EEABD244-6609-4CB0-9645-B3E9FEAF4AF0}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{F8A37215-1A83-4D42-9FB8-028B4F261427}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{05855322-BE43-41FE-B583-D3AE0C326D58}" = Microsoft Silverlight 4 SDK
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09C52940-A4D1-4409-A7CC-1AAE630CF578}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0BE273CD-AAB9-361B-8C32-D955EAC929E3}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11210BD7-A8EF-79EE-D18F-021D1E04A689}" = CCC Help Dutch
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{118AD615-8BCF-11D6-1700-B6763A0EA713}" = CCC Help Polish
"{124D51A1-F3C2-45AE-B812-D3CA71247093}" = SQL Server 2012 Common Files
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{145238D6-1ADD-15DD-4499-744215DCCD18}" = Catalyst Control Center InstallProxy
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15DEA4E9-E4AD-2A1A-4B59-89CA65D5075B}" = CCC Help Finnish
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{170DE2A7-4768-370C-9671-D8D17826EFBF}" = Microsoft Visual Studio 2010 Performance Collection Tools SP1 - ENU
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1AA5BD63-6614-44B2-88A7-605191EDB835}" = Dotfuscator Software Services - Community Edition
"{1AFD9DDB-FB24-F8C4-E792-03901C50490D}" = CCC Help Swedish
"{1B0FF612-0E07-4AB2-DD95-EB7651AEB3A1}" = CCC Help Italian
"{1CE60928-8325-49A8-8B06-633E48DD2B67}" = Cisco Systems VPN Client 5.0.07.0410
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 11
"{284CFEE9-720C-43C6-A276-1945CA4F6DDF}_is1" = Aion RainMeter version 1.54
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C5030F2-83A2-60D1-5BE3-902793E1AFF1}" = AMD Media Foundation Decoders
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{32A3A4F4-B792-11D6-A78A-00B0D0170010}" = Java(TM) SE Development Kit 7 Update 1
"{32A9C5B3-D166-4C6D-A11E-A54473151000}" = Java 3D 1.5.1
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft Visual C++ 8.0 Support DLLs
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{376A622B-F0FA-DDAB-9635-05D9F3F634D6}" = CCC Help Norwegian
"{37D0D63F-8F2B-4BA6-A4B6-126AE36B8E59}" = OSCAR Editor
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}" = Microsoft Image Composite Editor
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{48BA11B4-3E38-FA74-2D5A-003475844AA3}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CF63D66-56F0-0224-6C62-FBCB4C68578C}" = Application Profiles
"{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics
"{4DD75A56-D9DA-DD49-3507-470C7CA7B43F}" = CCC Help Chinese Standard
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{57BB52B7-6B7B-31F3-89F4-4EE8FE5CEF6D}" = Microsoft Help Viewer 1.1
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5DB24244-5ABE-A87B-5FB1-95CF09F801A8}" = CCC Help German
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D73C02-EF3F-45D2-7F01-DCC4B1B39CC3}" = CCC Help Korean
"{62A6A9B3-0CA2-6A17-A78B-918346A10C8B}" = AMD Catalyst Install Manager
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6742BE3D-1A59-3BFD-BA20-2FDA866099B8}" = Microsoft Visual Studio 2010 Premium - ENU
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6CEF2BC6-8929-44EE-8360-175513E1A49A}" = Secure Download Manager
"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DDC515D-1FE6-C5FC-E872-24D1B8B4C1A1}" = CCC Help Russian
"{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736F1518-E5E6-0AC3-AD58-41CD8AD592EE}" = AMD Drag and Drop Transcoding
"{7427941A-51A3-E2EB-BCD2-A1981DBCA4AD}" = Catalyst Control Center Graphics Previews Common
"{75BB238C-BAA9-6E79-F4B9-3100127500E4}" = AMD Accelerated Video Transcoding
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{79A16F82-9F79-E47E-C6D4-206E7CC1D593}" = CCC Help Czech
"{79B49428-E9B0-4479-A0FA-3EFF8AFA9F07}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{7A56D81D-6406-40E7-9184-8AC1769C4D69}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{7D29ED63-84F9-4EC7-B49F-994A3A3195B2}" = SQL Server 2012 Common Files
"{7D66971C-652B-4065-A6B1-B3EE313C254B}" = BlueJ
"{8153BA0E-719E-3829-3B06-DC1412933BD6}" = CCC Help Japanese
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{827990C7-4D30-3627-A2D1-5FFA09198BB2}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C7F964-AC58-4104-B613-B4D0F61DA8CD}" = Microsoft SQL Server 2012 Native Client
"{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}" = Microsoft SQL Server 2008 R2 Management Objects
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85467CBC-7A39-33C9-8940-D72D9269B84F}" = Microsoft Visual F# 2.0 Runtime
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B7D9B66-1B53-D729-FD0C-ED38629FA407}" = CCC Help Greek
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
"{90E54495-659E-472C-89D8-145A0E3FC0BA}" = Samsung PC Studio 3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCE40CE-A9E6-4916-8729-B008558EEF3F}" = Microsoft Report Viewer 2012 Runtime
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4A550A8-4EEF-8577-1C15-E3C914FF4AD9}" = CCC Help Portuguese
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A866F37D-0E46-1812-3E3C-9778D4A458B2}" = AMD VISION Engine Control Center
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF7FFC8-20C4-CB57-4982-68EB410EBBC7}" = CCC Help Danish
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD15759F-488D-442C-A8B4-C4FEEACFA939}" = SQL Server 2012 Management Studio
"{AD4B6B20-11CE-2C81-9615-2DCAABF15966}" = CCC Help French
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC537AE0-88AF-47ED-B762-33B0D62B5188}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}" = Python 2.7.3
"{C2B219C7-C9B6-ABEB-EF49-D7E57127A75E}" = ccc-utility
"{C2EF5187-3969-431B-BCFE-921F5F2263E1}" = Quest Software Toad Data Modeler Freeware
"{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}" = Microsoft SQL Server System CLR Types
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB1177DD-0316-4C93-A5AE-BBF1E2B7F07E}" = SQL Server 2012 Management Studio
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD920828-2B95-49A4-8BFD-1D34BCBF5A27}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{CEA86648-87FA-4775-8F3B-A57F720BAE85}" = Microsoft SQL Server 2012 Setup (English)
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1931310-EEF5-3B7A-0C57-01127888E4E4}" = CCC Help Turkish
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D64B6984-242F-32BC-B008-752806E5FC44}" = Microsoft Visual Studio 2010 Shell (Isolated) - ENU
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D952C4F9-2488-3723-84BE-1BFA907DCAC9}" = Google Talk Plugin
"{D9DA2981-3298-4F1A-9192-F2CF5BD91145}" = Microsoft SQL Server 2012 Express LocalDB
"{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}" = WCF RIA Services V1.0 SP1
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DB2B4DA8-595D-42A1-A1AF-8AF654C18D54}" = MorphVOX Pro
"{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}" = Rhinoceros 4.0 Evaluation
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{E7A94CD8-526B-FDD3-E16F-CB40A0747C70}" = CCC Help Chinese Traditional
"{E91BD0CF-EFA8-477C-8207-A026E70BBED9}" = CCC Help English
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECD4DCC1-C03F-8CC2-432B-317ECB9D6A09}" = Catalyst Control Center Localization All
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1C1D15D-20C5-6D42-C464-D5C4860D302A}" = AMD Fuel
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
"{F9F07F00-FF55-7752-7FF8-F512AF641BA9}" = CCC Help Thai
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFE0A7EE-0627-307D-F102-519B5B367703}" = CCC Help Hungarian
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
"AIMP2" = AIMP2
"AIMP3" = AIMP3
"Android SDK Tools" = Android SDK Tools
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"AutoHotkey" = AutoHotkey 1.0.48.05
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"Elantech" = ETDWare PS/2-x86 7.0.5.10_WHQL
"Fraps" = Fraps (remove only)
"Free Studio_is1" = Free Studio version 5.3.5
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"Handset WinDriver" = Handset WinDriver 1.02.03.00
"Heroes of Might and Magic IV" = Heroes of Might and Magic IV
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"InstallShield_{37D0D63F-8F2B-4BA6-A4B6-126AE36B8E59}" = X7 Oscar Editor
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.1.0
"ManyCam" = ManyCam 2.4 (remove only)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft SQL Server 11" = Microsoft SQL Server 2012
"Microsoft SQL Server SQLServer2012" = Microsoft SQL Server 2012
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Premium - ENU" = Microsoft Visual Studio 2010 Premium - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 19.0 (x86 cs)" = Mozilla Firefox 19.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3 Knife_is1" = Mp3 Knife 3.2
"Nokia Suite" = Nokia Suite
"OpenAL" = OpenAL
"Opera 12.14.1738" = Opera 12.14
"Origin" = Origin
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter
"Revo Uninstaller" = Revo Uninstaller 1.94
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam
"WinEdt 6" = WinEdt 6
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3741011086-1165501081-336709912-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"NCsoft-Aion" = Aion (North America)
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21.2.2013 9:32:45 | Computer Name = Jura-NBnePComg | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6540295

Error - 21.2.2013 9:32:46 | Computer Name = Jura-NBnePComg | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 21.2.2013 9:32:46 | Computer Name = Jura-NBnePComg | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6541293

Error - 21.2.2013 9:32:46 | Computer Name = Jura-NBnePComg | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6541293

Error - 21.2.2013 9:32:47 | Computer Name = Jura-NBnePComg | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 21.2.2013 9:32:47 | Computer Name = Jura-NBnePComg | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6543040

Error - 21.2.2013 9:32:47 | Computer Name = Jura-NBnePComg | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6543040

Error - 22.2.2013 15:35:36 | Computer Name = Jura-NBnePComg | Source = WinMgmt | ID = 10
Description =

Error - 22.2.2013 16:18:29 | Computer Name = Jura-NBnePComg | Source = Application Hang | ID = 1002
Description = Program pythonw.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1518 Čas spuštění: 01ce1139baa85051 Čas ukončení: 3 Cesta k aplikaci: C:\Python27\pythonw.exe

ID
hlášení: 02a4fdd3-7d2d-11e2-a01c-72f06d7766df

Error - 22.2.2013 16:22:14 | Computer Name = Jura-NBnePComg | Source = Application Hang | ID = 1002
Description = Program pythonw.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1094 Čas spuštění: 01ce113a46a504ec Čas ukončení: 2 Cesta k aplikaci: C:\Python27\pythonw.exe

ID
hlášení: 8a41a348-7d2d-11e2-a01c-72f06d7766df

[ McNeel Events ]
Error - 6.6.2012 16:51:27 | Computer Name = Jura-NBnePComg | Source = McNeel Update Service (version 5.1) | ID = 0
Description = Error,Download failed permanently for '{{http://store.mcneel.com/api/v1/mcneelup ... cz/weekly/}}'
-> '{{C:\ProgramData\McNeel\McNeelUpdate\DownloadCache\332ca1e3237eae7c4627eaa8e8b8f24c\update.xml}}',5.1.2012.521

[ Media Center Events ]
Error - 2.9.2011 3:42:53 | Computer Name = Jura-NBnePComg | Source = MCUpdate | ID = 0
Description = 9:42:49 - Chyba při připojování k Internetu 9:42:49 - Nelze kontaktovat
server..

Error - 5.9.2011 4:36:39 | Computer Name = Jura-NBnePComg | Source = MCUpdate | ID = 0
Description = 10:36:38 - Chyba při připojování k Internetu 10:36:39 - Nelze kontaktovat
server..

Error - 5.9.2011 4:37:21 | Computer Name = Jura-NBnePComg | Source = MCUpdate | ID = 0
Description = 10:37:17 - Chyba při připojování k Internetu 10:37:17 - Nelze kontaktovat
server..

Error - 5.9.2011 5:38:03 | Computer Name = Jura-NBnePComg | Source = MCUpdate | ID = 0
Description = 11:38:03 - Chyba při připojování k Internetu 11:38:03 - Nelze kontaktovat
server..

Error - 5.9.2011 5:38:34 | Computer Name = Jura-NBnePComg | Source = MCUpdate | ID = 0
Description = 11:38:33 - Chyba při připojování k Internetu 11:38:33 - Nelze kontaktovat
server..

Error - 5.9.2011 7:02:20 | Computer Name = Jura-NBnePComg | Source = MCUpdate | ID = 0
Description = 13:02:19 - Načtení položky Broadband se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 5.9.2011 8:03:04 | Computer Name = Jura-NBnePComg | Source = MCUpdate | ID = 0
Description = 14:03:02 - Chyba při připojování k Internetu 14:03:02 - Nelze kontaktovat
server..

Error - 7.9.2011 2:35:02 | Computer Name = Jura-NBnePComg | Source = MCUpdate | ID = 0
Description = 8:35:02 - Načtení položky Directory se nezdařilo. (Chyba: Vzdálený
název nelze rozpoznat: 'data.tvdownload.microsoft.com')

Error - 7.9.2011 2:36:16 | Computer Name = Jura-NBnePComg | Source = MCUpdate | ID = 0
Description = 8:36:10 - Chyba při připojování k Internetu 8:36:10 - Nelze kontaktovat
server..

Error - 16.10.2011 3:57:27 | Computer Name = Jura-NBnePComg | Source = MCUpdate | ID = 0
Description = 9:57:22 - Načtení položky Broadband se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

[ System Events ]
Error - 19.2.2013 15:25:10 | Computer Name = Jura-NBnePComg | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR1 ještě není připraveno pro přístup.

Error - 19.2.2013 15:25:24 | Computer Name = Jura-NBnePComg | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR3 ještě není připraveno pro přístup.

Error - 19.2.2013 15:25:24 | Computer Name = Jura-NBnePComg | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR3 ještě není připraveno pro přístup.

Error - 19.2.2013 15:25:24 | Computer Name = Jura-NBnePComg | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR3 ještě není připraveno pro přístup.

Error - 19.2.2013 15:25:24 | Computer Name = Jura-NBnePComg | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR3 ještě není připraveno pro přístup.

Error - 19.2.2013 15:25:24 | Computer Name = Jura-NBnePComg | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR3 ještě není připraveno pro přístup.

Error - 19.2.2013 15:25:24 | Computer Name = Jura-NBnePComg | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR3 ještě není připraveno pro přístup.

Error - 19.2.2013 15:25:24 | Computer Name = Jura-NBnePComg | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR3 ještě není připraveno pro přístup.

Error - 19.2.2013 15:25:24 | Computer Name = Jura-NBnePComg | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR3 ještě není připraveno pro přístup.

Error - 19.2.2013 15:25:24 | Computer Name = Jura-NBnePComg | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR3 ještě není připraveno pro přístup.


< End of report >

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: skype spam virus

#20 Post by vyosek »

:arrow: Run OTL again
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the bottom box, Custom Scans/Fixes (Vlastni skenovani/opravy)
  • Code:

    :otl
    SRV - [2012.04.24 22:56:23 | 000,624,856 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
    DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\vserial.sys -- (vserial)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
    DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTSimHid.sys -- (PTSimHid)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTSimBus.sys -- (PTSimBus)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Jura\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (arfhsqws)
    IE - HKLM\..\URLSearchHook: - No CLSID value found
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\URLSearchHook: - No CLSID value found
    IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\SearchScopes\{C0EFFB16-BB3B-4DFF-98FD-CE1FC9EBB753}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
    IE - HKU\S-1-5-21-3741011086-1165501081-336709912-1000\..\SearchScopes\{C7A864F6-8AFE-4BA3-8B86-4CD86E2DF15E}: "URL" = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^CZ&apn_uid=7CAC5F59-A6E9-4BCF-9F15-A6A016C4A6B5&apn_sauid=597EB144-3B21-408D-A859-4972468667F0
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
    [1 C:\Windows\Installer\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}\*.tmp files -> C:\Windows\Installer\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}\*.tmp -> ]
    [1 C:\Windows\System32\config\systemprofile\AppData\Local\SoftGrid Client\140061.ENU-90140011-61-409\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\SoftGrid Client\140061.ENU-90140011-61-409\*.tmp -> ]
    [5 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
    [2013.02.21 07:09:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000Core.job
    [2013.02.22 22:09:04 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000UA.job
    @Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
    
    :reg
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    "ISUSPM Startup"=-
    "Akamai NetSession Interface"=-
    "BitTorrent"=-
    "NokiaSuite.exe"=-
    "Pando Media Booster"=-
    "AIMP3"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe ARM"=-
    "ISUSScheduler"=-
    "AdobeCS5ServiceManager"=-
    "SunJavaUpdateSched"=-
    "QuickTime Task"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    
    :files
    C:\Program Files\PANDORA.TV
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Opravit (Fix)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

oceanik
Visitor
Posts: 30
Registered: 04 Feb 2013 14:27

Re: skype spam virus

#21 Post by oceanik »

All processes killed
========== OTL ==========
Service PanService stopped successfully!
Service PanService deleted successfully!
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe moved successfully.
Service vserial stopped successfully!
Service vserial deleted successfully!
File System32\DRIVERS\vserial.sys not found.
Service VMnetAdapter stopped successfully!
Service VMnetAdapter deleted successfully!
File system32\DRIVERS\vmnetadapter.sys not found.
Service VGPU stopped successfully!
Service VGPU deleted successfully!
File System32\drivers\rdvgkmd.sys not found.
Service PTSimHid stopped successfully!
Service PTSimHid deleted successfully!
File system32\DRIVERS\PTSimHid.sys not found.
Service PTSimBus stopped successfully!
Service PTSimBus deleted successfully!
File system32\DRIVERS\PTSimBus.sys not found.
Service GGSAFERDriver stopped successfully!
Service GGSAFERDriver deleted successfully!
File C:\Program Files\Garena Plus\Room\safedrv.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\Users\Jura\AppData\Local\Temp\catchme.sys not found.
Error: No service named arfhsqws was found to stop!
Service\Driver key arfhsqws not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-3741011086-1165501081-336709912-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-3741011086-1165501081-336709912-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3741011086-1165501081-336709912-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3741011086-1165501081-336709912-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-3741011086-1165501081-336709912-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C0EFFB16-BB3B-4DFF-98FD-CE1FC9EBB753}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0EFFB16-BB3B-4DFF-98FD-CE1FC9EBB753}\ not found.
Registry key HKEY_USERS\S-1-5-21-3741011086-1165501081-336709912-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C7A864F6-8AFE-4BA3-8B86-4CD86E2DF15E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7A864F6-8AFE-4BA3-8B86-4CD86E2DF15E}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1EF6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6BAD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C7F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB29D.tmp\Microsoft.SqlServer.ConnectionInfo.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB29D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEE06.tmp\System.Configuration.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEE06.tmp folder deleted successfully.
C:\Windows\Installer\MSI121A.tmp deleted successfully.
C:\Windows\Installer\MSI487E.tmp deleted successfully.
C:\Windows\Installer\MSI9C27.tmp deleted successfully.
C:\Windows\Installer\MSIA933.tmp deleted successfully.
C:\Windows\Installer\MSIAA6A.tmp deleted successfully.
C:\Windows\Installer\MSIB272.tmp- folder deleted successfully.
C:\Windows\Installer\MSIC01C.tmp deleted successfully.
C:\Windows\Installer\MSIFD4.tmp deleted successfully.
C:\Windows\Installer\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}\GLF873B.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\SoftGrid Client\140061.ENU-90140011-61-409\UsrVol_sftfs_v1.tmp deleted successfully.
C:\Windows\temp\CR_65D00.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\Windows\temp\CR_65D00.tmp folder deleted successfully.
C:\Windows\temp\~4FF4.tmp deleted successfully.
C:\Windows\temp\~A92A.tmp deleted successfully.
C:\Windows\temp\~AB8B.tmp deleted successfully.
C:\Windows\temp\~B606.tmp deleted successfully.
C:\Windows\temp\~B98F.tmp deleted successfully.
C:\Windows\temp\~BE21.tmp deleted successfully.
C:\Windows\temp\~CB0C.tmp deleted successfully.
C:\Windows\temp\~D153.tmp deleted successfully.
C:\Windows\temp\~E965.tmp deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000UA.job moved successfully.
ADS C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\BitTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AIMP3 not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
========== FILES ==========
C:\Program Files\PANDORA.TV\PanService folder moved successfully.
C:\Program Files\PANDORA.TV folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jirka
->Temp folder emptied: 0 bytes

User: Jura
->Temp folder emptied: 1329653 bytes
->Temporary Internet Files folder emptied: 3043509 bytes
->Java cache emptied: 685804 bytes
->FireFox cache emptied: 442167105 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 66221 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1220988 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 428,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Jirka

User: Jura
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Jirka

User: Jura
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02242013_144210

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: skype spam virus

#22 Post by vyosek »

Fine, how is the PC behaving? :???:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member [image] since 1 February 2011.

oceanik
Visitor
Posts: 30
Joined: 04 Feb 2013 14:27

Re: skype spam virus

#23 Post by oceanik »

Everything works as it should. Skype has stopped sending spam, and on top of that Firefox has stopped searching through AVG by default :D. Thank you very much, next time I'll be damn careful :)

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: skype spam virus

#24 Post by vyosek »

So let's clean up as well :James008:

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyzovat (Analyze) and then Spustit CCleaner (Run Cleaner)
Registry panel
  • click Hledej problémy (Scan for Issues)
  • then Opravit problémy (Fix issues) - I recommend making the registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Locked