Preventka Frezeer

Zpráva

Frezeer · #1 Příspěvek od **Frezeer** » 16 bře 2013 22:29

Prosím o preventku:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jiří at 2013-03-16 22:18:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 54 GB (8%) free of 642 GB
Total RAM: 3948 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:18:57, on 16.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ICQ7M\ICQ.exe
C:\Users\Jiří\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\Jiří.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=44444& ... d8198facf9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si= ... e&tid=2937
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [DrivUpdater] C:\Windows\updater\updat.exe
O4 - HKLM\..\Run: [MyWebFace Search Scope Monitor] "C:\PROGRA~2\MYWEBF~2\bar\1.bin\5asrchmn.exe" /m=2 /w /h
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Jiří\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [DrivUpdater] C:\Windows\updater\updat.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Windows\updater\updat.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Windows\updater\updat.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Facebook Messenger.lnk = ?
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Get Styles\ct.htm (file missing)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWebFaceService (MyWebFace_5aService) - COMPANYVERS_NAME - C:\PROGRA~2\MYWEBF~2\bar\1.bin\5abarsvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12747 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 19280688
\??\C:\Windows\system32\conhost.exe "528278805-894835689-1544964023-1951133740178056125-1635248150-2032256163-1798715621
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe" -s DefaultInstance
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\PROGRA~2\MYWEBF~2\bar\1.bin\5abarsvc.exe
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Steam\steam.exe" -silent
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Users\Jiří\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
explorer.exe
explorer.exe
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
explorer.exe
explorer.exe
explorer.exe
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
explorer.exe
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5404.130f8200.1926841789 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 5404 "\\.\pipe\gecko-crash-server-pipe.5404" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash5140.679863D8.24901 --host-broker-channel=Flash5140.679863D8.356 --host-pid=5140 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=2888.003AF81C.906136529 --proxy-stub-channel=Flash5140.679863D8.24901 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1128
"C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe" --IPCport 5939
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Users\Jiří\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1356760250-1139593437-539297764-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1356760250-1139593437-539297764-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.13.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@MyWebFace_5a.com/Plugin]
"Description"=MyWebFace Plugin
"Path"=C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\NP5aStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
nppdf32.JPN

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
Web Search.xml
wikipedia-cz.xml

C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default\extensions\
5affxtbr@MyWebFace_5a.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-17 551840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-17 209824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-18 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-18 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-01-26 368728]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-05-09 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-05-09 391960]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-05-09 419096]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 2392360]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\Windows\updater\updat.exe [2013-01-18 677852]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
"Facebook Update"=C:\Users\Jiří\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-01 138096]
"DrivUpdater"=C:\Windows\updater\updat.exe [2013-01-18 677852]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-02-25 1602984]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"ICQ"=C:\Program Files (x86)\ICQ7M\ICQ.exe [2013-03-12 127040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\Windows\updater\updat.exe [2013-01-18 677852]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424]
"DrivUpdater"=C:\Windows\updater\updat.exe [2013-01-18 677852]
"MyWebFace Search Scope Monitor"=C:\PROGRA~2\MYWEBF~2\bar\1.bin\5asrchmn.exe [2013-03-16 42536]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\Windows\updater\updat.exe [2013-01-18 677852]

C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Jiří\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-25 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-16 22:18:48 ----D---- C:\Program Files\trend micro
2013-03-16 22:18:47 ----D---- C:\rsit
2013-03-16 18:32:18 ----D---- C:\Program Files (x86)\MyWebFace_5a
2013-03-16 16:05:58 ----D---- C:\Program Files (x86)\Euro Truck Simulator
2013-03-16 09:26:29 ----D---- C:\Program Files (x86)\Rockstar Games
2013-03-14 00:23:22 ----D---- C:\Program Files (x86)\Mafia 2 Multiplayer
2013-03-14 00:13:05 ----D---- C:\Program Files (x86)\2K Games
2013-03-13 17:32:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-13 10:01:16 ----D---- C:\Windows\SoftwareProtection
2013-03-12 07:09:19 ----D---- C:\Users\Jiří\AppData\Roaming\ICQ
2013-03-12 07:09:10 ----D---- C:\Program Files (x86)\ICQ7M
2013-03-09 16:53:56 ----D---- C:\Users\Jiří\AppData\Roaming\OBS
2013-02-28 18:35:38 ----D---- C:\Users\Jiří\AppData\Roaming\TS3Client
2013-02-24 13:06:06 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-02-23 22:11:25 ----D---- C:\Users\Jiří\AppData\Roaming\Xilisoft
2013-02-23 14:23:24 ----A---- C:\Windows\SYSWOW64\Access.dat
2013-02-23 14:21:57 ----D---- C:\Users\Jiří\AppData\Roaming\Tunngle
2013-02-23 14:21:57 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2013-02-23 11:13:43 ----D---- C:\Program Files (x86)\Atari
2013-02-22 21:05:13 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2013-02-21 19:01:45 ----D---- C:\Users\Jiří\AppData\Roaming\Unity
2013-02-18 18:12:27 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-02-18 18:12:13 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-02-18 18:12:13 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-02-18 18:12:13 ----A---- C:\Windows\SYSWOW64\java.exe
2013-02-17 21:57:46 ----A---- C:\Windows\system32\javaws.exe
2013-02-17 21:57:35 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-02-17 21:57:35 ----A---- C:\Windows\system32\javaw.exe
2013-02-17 21:57:35 ----A---- C:\Windows\system32\java.exe
2013-02-17 21:57:05 ----D---- C:\Program Files\Java
2013-02-17 15:19:59 ----D---- C:\Users\Jiří\AppData\Roaming\GHISLER
2013-02-17 15:19:59 ----D---- C:\totalcmd

======List of files/folders modified in the last 1 month======

2013-03-16 22:18:53 ----D---- C:\Users\Jiří\AppData\Roaming\uTorrent
2013-03-16 22:18:48 ----RD---- C:\Program Files
2013-03-16 22:18:19 ----D---- C:\Windows\Temp
2013-03-16 22:15:46 ----D---- C:\Users\Jiří\AppData\Roaming\Skype
2013-03-16 21:40:17 ----D---- C:\Users\Jiří\AppData\Roaming\vlc
2013-03-16 20:09:44 ----D---- C:\Windows\system32\config
2013-03-16 19:16:09 ----A---- C:\Windows\SYSWOW64\log.txt
2013-03-16 19:15:47 ----D---- C:\Program Files (x86)\Steam
2013-03-16 19:12:58 ----D---- C:\Program Files (x86)
2013-03-16 17:22:08 ----D---- C:\Windows\Microsoft.NET
2013-03-16 11:21:00 ----D---- C:\Windows\System32
2013-03-16 11:21:00 ----D---- C:\Windows\inf
2013-03-16 11:21:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-16 09:48:40 ----SHD---- C:\Windows\Installer
2013-03-16 09:48:38 ----HD---- C:\ProgramData
2013-03-16 09:48:38 ----D---- C:\Program Files (x86)\Sony
2013-03-16 09:48:15 ----SHD---- C:\System Volume Information
2013-03-16 09:44:29 ----D---- C:\Windows\SysWOW64
2013-03-16 09:43:53 ----D---- C:\Users\Jiří\AppData\Roaming\Sony
2013-03-16 09:26:29 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-15 22:59:16 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-15 22:57:46 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-15 22:57:46 ----D---- C:\Windows\system32\en-US
2013-03-15 22:51:40 ----RSD---- C:\Windows\assembly
2013-03-15 17:08:09 ----D---- C:\Windows\system32\Tasks
2013-03-14 00:25:07 ----D---- C:\Users\Jiří\AppData\Roaming\SoftGrid Client
2013-03-13 22:11:59 ----D---- C:\Program Files (x86)\Google
2013-03-13 22:11:57 ----D---- C:\Windows\Tasks
2013-03-13 21:34:55 ----A---- C:\DelUS.bat
2013-03-13 21:33:36 ----D---- C:\Windows\system32\catroot2
2013-03-13 21:31:42 ----D---- C:\Program Files\Common Files
2013-03-13 21:31:39 ----D---- C:\ProgramData\Adobe
2013-03-13 21:30:46 ----D---- C:\Program Files (x86)\Adobe
2013-03-13 21:30:12 ----D---- C:\Program Files\Adobe
2013-03-13 21:14:33 ----D---- C:\Users\Jiří\AppData\Roaming\.minecraft
2013-03-13 17:37:44 ----D---- C:\Users\Jiří\AppData\Roaming\Mozilla
2013-03-13 17:32:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-13 15:55:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 10:01:16 ----D---- C:\Windows
2013-03-11 09:31:10 ----D---- C:\ProgramData\firebird
2013-03-09 20:24:20 ----D---- C:\Windows\winsxs
2013-03-07 20:07:09 ----D---- C:\Windows\Prefetch
2013-03-01 09:20:45 ----RSD---- C:\Windows\Fonts
2013-02-24 13:06:02 ----D---- C:\Program Files (x86)\Common Files
2013-02-24 12:04:43 ----D---- C:\Users\Jiří\AppData\Roaming\DAEMON Tools Lite
2013-02-24 10:27:37 ----D---- C:\ProgramData\McAfee
2013-02-23 16:19:38 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-02-23 14:22:17 ----D---- C:\Windows\system32\drivers
2013-02-23 14:22:16 ----D---- C:\Windows\system32\DriverStore
2013-02-23 14:22:16 ----D---- C:\Windows\system32\catroot
2013-02-21 12:40:47 ----D---- C:\Windows\system32\NDF
2013-02-20 10:00:51 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-02-18 22:54:16 ----HD---- C:\Windows\Icons
2013-02-18 18:11:58 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-02-18 18:11:57 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-02-17 21:57:10 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-02-17 21:57:10 ----A---- C:\Windows\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-09-14 437272]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-21 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-03-17 4726336]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM); C:\Windows\system32\DRIVERS\vrtaucbl.sys [2013-01-24 66728]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1395248]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 MpKsl756ac6c9;MpKsl756ac6c9; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4069A94F-A6C0-43E9-976D-25C2B2800684}\MpKsl756ac6c9.sys []
S2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-01-14 74840]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynUSB64.sys [2006-11-16 31248]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 X6va009;X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 MyWebFace_5aService;MyWebFaceService; C:\PROGRA~2\MYWEBF~2\bar\1.bin\5abarsvc.exe [2013-03-16 42504]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-19 76888]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-02-25 543144]
R3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-07-01 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-07 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-02 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 16 bře 2013 23:40

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Search
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Frezeer · #3 Příspěvek od **Frezeer** » 17 bře 2013 08:35

Tady to je

# AdwCleaner v2.114 - Logfile created 03/17/2013 at 08:34:00
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Jiří - SMACKONE
# Boot Mode : Normal
# Running from : C:\Users\Jiří\Downloads\adwcleaner.exe
# Option [Search]

***** [Services] *****

Found : BrowserProtect
Found : SrvUpdater
Found : Yontoo Desktop Updater

***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
File Found : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default\bprotector_extensions.sqlite
File Found : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default\bprotector_prefs.js
File Found : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Web Search.xml
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\MyWebFace_5a
Folder Found : C:\Program Files (x86)\Protected Search
Folder Found : C:\Program Files (x86)\TornTV.com
Folder Found : C:\Program Files (x86)\Yontoo
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Jiří\AppData\Local\APN
Folder Found : C:\Users\Jiří\AppData\Local\Conduit
Folder Found : C:\Users\Jiří\AppData\Local\DownTango
Folder Found : C:\Users\Jiří\AppData\Local\MyWebFace_5a
Folder Found : C:\Users\Jiří\AppData\Local\Software
Folder Found : C:\Users\Jiří\AppData\LocalLow\Conduit
Folder Found : C:\Users\Jiří\AppData\LocalLow\DownTangoFTToolbar
Folder Found : C:\Users\Jiří\AppData\LocalLow\MyWebFace_5a
Folder Found : C:\Users\Jiří\AppData\LocalLow\simplytech
Folder Found : C:\Users\Jiří\AppData\Roaming\Babylon
Folder Found : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Found : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Found : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default\extensions\5affxtbr@MyWebFace_5a.com
Folder Found : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default\extensions\plugin@yontoo.com
Folder Found : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com
Folder Found : C:\Users\Jiří\AppData\Roaming\Yontoo
Folder Found : C:\Users\Jiří\AppData\Roaming\yourfiledownloader

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\MyWebFace_5a
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\ChatZum Toolbar
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\ProtectedSearch
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YourFileDownloader
Key Found : HKCU\Software\5208fdfb134b844
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.DynamicBarButton
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.DynamicBarButton.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.FeedManager
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.FeedManager.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.HTMLMenu
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.HTMLMenu.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.HTMLPanel
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.HTMLPanel.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.MultipleButton
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.MultipleButton.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.PseudoTransparentPlugin
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.PseudoTransparentPlugin.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.Radio
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.Radio.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.RadioSettings
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.RadioSettings.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.ScriptButton
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.ScriptButton.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.SettingsPlugin
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.SettingsPlugin.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.SkinLauncher
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.SkinLauncher.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.ThirdPartyInstaller
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.ThirdPartyInstaller.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.UrlAlertButton
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.UrlAlertButton.1
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.XMLSessionPlugin
Key Found : HKLM\SOFTWARE\Classes\MyWebFace_5a.XMLSessionPlugin.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{0B9410D4-ADCB-408F-BB37-E3020F64DA4A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{0DCBCA67-3A6B-40F7-BD56-B99244B5DF81}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{427B96AE-0668-44BA-A694-7966194311E0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{654C3FF4-265E-409B-92A6-537574DECF60}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6915A0BA-FDE9-429F-A4B0-96E4302227AC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8011A14A-90D9-45DE-B3DD-6D657667397E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B1000508-EFB9-4EAD-BB09-CE6899719B97}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CE2E3004-A9B4-4CCE-A818-16631D861260}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D56886D9-719D-4A9C-98BF-98B4EB5AD805}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FAC8C849-4BB4-4E6F-BDED-6DCBAF1A6713}
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\ChatZum Toolbar
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\chatzum_nt_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\chatzum_nt_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{41B7C739-4708-42A5-85CA-EEDE4C816578}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{75CDADBD-7A6C-4CED-9EA7-93ED462CCF71}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{91244959-96FF-47D5-A989-ACE3CC7DB0B1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C522512A-9C2C-4DE5-9F63-976B560FEF14}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D749CF46-ABB0-4A52-BAF6-34461B8DD8CE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EC6FAB8B-2417-4B2B-813B-E70BBBADF666}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@MyWebFace_5a.com/Plugin
Key Found : HKLM\Software\MyWebFace_5a
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Wow6432Node\5208fdfb134b844
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0A9D317B-2882-4BF7-A5AE-9F696D177328}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FD143A0-6594-407B-B064-8E2E56F67DAF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{29920769-9B2C-4D1E-97FA-74E478E9B371}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2AA056D7-B437-4F88-AC97-88750EDC42F1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3AC2FE63-1635-4022-94F2-971789585872}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{41B7C739-4708-42A5-85CA-EEDE4C816578}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{46954B3B-41EC-48C6-94C9-E5257B70E1B2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{54BBAEB3-DD44-4C9F-8145-7503CAC042F9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6372C122-1E82-494A-9D5A-DE31ED303036}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{75CDADBD-7A6C-4CED-9EA7-93ED462CCF71}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F8F6D0F-EB19-43CB-BD5A-FB5DA9814A51}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{87A787F4-0758-43D1-A750-48B715F185B3}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8DBC9EFE-0351-4572-B62C-4EEB5EA10F0E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{91244959-96FF-47D5-A989-ACE3CC7DB0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C522512A-9C2C-4DE5-9F63-976B560FEF14}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D749CF46-ABB0-4A52-BAF6-34461B8DD8CE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EC6FAB8B-2417-4B2B-813B-E70BBBADF666}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2263BE11-ACB7-49D9-8313-6B1D5CC42FAA}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97FC5555-8BDC-40EA-8DE2-B1E46B9EA629}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6372C122-1E82-494A-9D5A-DE31ED303036}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97FC5555-8BDC-40EA-8DE2-B1E46B9EA629}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MyWebFace_5abar Uninstall
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Found : HKLM\Software\YourFileDownloader
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2263BE11-ACB7-49D9-8313-6B1D5CC42FAA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\Interface\{97FC5555-8BDC-40EA-8DE2-B1E46B9EA629}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\S-1-5-21-1356760250-1139593437-539297764-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-1356760250-1139593437-539297764-1001\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKU\S-1-5-21-1356760250-1139593437-539297764-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyWebFace Search Scope Monitor]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [5affxtbr@MyWebFace_5a.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119401&tt=1 ... D8198FACF9
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.delta-search.com/?affID=119401&tt=1 ... D8198FACF9
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=

-\\ Mozilla Firefox v19.0.2 (cs)

File : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default\prefs.js

Found : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119401&tt=130313_52ctrl&[...]
Found : user_pref("avg.install.userSPSettings", "Delta Search");
Found : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119401&tt=1 ... l&babsrc=N[...]
Found : user_pref("browser.search.selectedEngine", "Delta Search");
Found : user_pref("extensions.toolbar.mindspark._5aMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Found : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
Found : user_pref("extentions.y2layers.installId", "666b312e-9e26-4d04-83a0-61eca3589772");

File : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js

Found : user_pref("browser.search.defaultenginename", "Web Search");
Found : user_pref("browser.search.defaultengine", "Web Search");
Found : user_pref("browser.search.selectedEngine", "Web Search");
Found : user_pref("browser.search.order.1", "Web Search");
Found : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=29[...]
Found : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=");

*************************

AdwCleaner[R1].txt - [20491 octets] - [17/03/2013 08:34:00]

########## EOF - C:\AdwCleaner[R1].txt - [20552 octets] ##########

#4 Příspěvek od **vyosek** » 17 bře 2013 15:35

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Delete
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

Frezeer · #5 Příspěvek od **Frezeer** » 17 bře 2013 16:16

# AdwCleaner v2.114 - Logfile created 03/17/2013 at 16:09:21
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Jiří - SMACKONE
# Boot Mode : Normal
# Running from : C:\Users\Jiří\Downloads\adwcleaner.exe
# Option [Delete]

***** [Services] *****

Stopped & Deleted : BrowserProtect
Stopped & Deleted : SrvUpdater
Stopped & Deleted : Yontoo Desktop Updater

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\BrowserProtect
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default\bprotector_prefs.js
File Deleted : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Web Search.xml
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\MyWebFace_5a
Folder Deleted : C:\Program Files (x86)\Protected Search
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Jiří\AppData\Local\APN
Folder Deleted : C:\Users\Jiří\AppData\Local\Conduit
Folder Deleted : C:\Users\Jiří\AppData\Local\DownTango
Folder Deleted : C:\Users\Jiří\AppData\Local\MyWebFace_5a
Folder Deleted : C:\Users\Jiří\AppData\Local\Software
Folder Deleted : C:\Users\Jiří\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jiří\AppData\LocalLow\DownTangoFTToolbar
Folder Deleted : C:\Users\Jiří\AppData\LocalLow\simplytech
Folder Deleted : C:\Users\Jiří\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Deleted : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default\extensions\plugin@yontoo.com
Folder Deleted : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com
Folder Deleted : C:\Users\Jiří\AppData\Roaming\Yontoo
Folder Deleted : C:\Users\Jiří\AppData\Roaming\yourfiledownloader

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebFace_5a
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ChatZum Toolbar
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\5208fdfb134b844
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\ChatZum Toolbar
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\chatzum_nt_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\chatzum_nt_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\MyWebFace_5a
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\5208fdfb134b844
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2263BE11-ACB7-49D9-8313-6B1D5CC42FAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97FC5555-8BDC-40EA-8DE2-B1E46B9EA629}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKU\S-1-5-21-1356760250-1139593437-539297764-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119401&tt=1 ... D8198FACF9 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0.2 (cs)

File : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default\prefs.js

C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\7qk1qxaz.default\user.js ... Deleted !

Deleted : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119401&tt=130313_52ctrl&[...]
Deleted : user_pref("avg.install.userSPSettings", "Delta Search");
Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119401&tt=1 ... l&babsrc=N[...]
Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Deleted : user_pref("extensions.toolbar.mindspark._5aMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
Deleted : user_pref("extentions.y2layers.installId", "666b312e-9e26-4d04-83a0-61eca3589772");

File : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js

C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.defaultengine", "Web Search");
Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=29[...]
Deleted : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=");

*************************

AdwCleaner[R1].txt - [20596 octets] - [17/03/2013 08:34:00]
AdwCleaner[S1].txt - [15008 octets] - [17/03/2013 16:09:21]

########## EOF - C:\AdwCleaner[S1].txt - [15069 octets] ##########

#6 Příspěvek od **vyosek** » 17 bře 2013 16:18

Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Spustte tradicne dvouklikem
Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte

Frezeer · #7 Příspěvek od **Frezeer** » 17 bře 2013 16:43

Shortcut Cleaner 1.2.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Program started at: 03/17/2013 04:42:22 PM.

Searching C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Jiří\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Jiří\Desktop\

0 bad shortcuts found.

Program finished at: 03/17/2013 04:42:27 PM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)

#8 Příspěvek od **vyosek** » 17 bře 2013 16:57

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Frezeer · #9 Příspěvek od **Frezeer** » 17 bře 2013 17:56

OTL logfile created on: 17.3.2013 17:16:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jiří\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,86 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 47,75% Memory free
7,71 Gb Paging File | 5,62 Gb Available in Paging File | 72,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 626,89 Gb Total Space | 49,72 Gb Free Space | 7,93% Space Free | Partition Type: NTFS

Computer Name: SMACKONE | User Name: Jiří | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.03.17 17:14:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jiří\Downloads\OTL.exe
PRC - [2013.03.13 15:55:37 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013.03.12 07:09:14 | 000,127,040 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7M\ICQ.exe
PRC - [2013.03.07 21:32:38 | 000,248,240 | ---- | M] (Facebook) -- C:\Users\Jiří\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
PRC - [2013.03.07 15:29:07 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.03.06 16:30:43 | 010,220,896 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.03.06 16:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.03.06 16:22:26 | 000,185,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013.02.25 07:39:34 | 001,602,984 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2013.02.25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012.12.19 12:49:08 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.07.14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\explorer.exe
PRC - [2011.04.24 02:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011.04.24 02:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011.04.22 17:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2011.03.14 12:44:38 | 000,414,800 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011.03.14 12:44:38 | 000,334,416 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.03.14 12:44:36 | 001,081,424 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011.03.14 12:44:36 | 000,352,336 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.02.01 06:24:42 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 06:24:40 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.09.17 11:14:50 | 000,098,304 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
PRC - [2010.09.17 11:14:42 | 003,735,552 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
PRC - [2010.09.14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.12.02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009.12.02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

========== Modules (No Company Name) ==========

MOD - [2013.03.13 15:55:36 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.03.07 21:32:40 | 021,014,960 | ---- | M] () -- C:\Users\Jiří\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
MOD - [2013.03.07 21:32:38 | 000,292,272 | ---- | M] () -- C:\Users\Jiří\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
MOD - [2013.03.07 21:32:38 | 000,179,632 | ---- | M] () -- C:\Users\Jiří\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
MOD - [2013.03.07 15:29:21 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.02.25 07:39:32 | 000,988,584 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013.02.19 11:48:10 | 020,340,648 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013.02.13 23:39:29 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.12 09:59:31 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
MOD - [2013.01.12 09:58:26 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.12 09:57:41 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.12 09:57:33 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.12 09:57:31 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.12 09:57:15 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.12.18 18:28:50 | 000,647,168 | ---- | M] () -- C:\Program Files (x86)\Steam\sdl.dll
MOD - [2012.12.11 09:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012.12.11 09:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012.12.11 09:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2011.04.24 02:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2010.11.21 04:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013.01.27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.01.27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.05.10 13:01:08 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2011.04.22 17:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.03.13 15:55:38 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.07 15:29:15 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.06 16:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.19 12:49:08 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.07.01 02:49:30 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.04.24 02:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011.03.14 12:44:36 | 000,352,336 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.02.01 06:24:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.01 06:24:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.09.17 11:14:50 | 000,098,304 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2010.09.17 11:14:42 | 003,735,552 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2010.09.14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.12.02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009.12.02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.01.24 19:58:42 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2013.01.20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.09.21 15:44:39 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.20 14:48:50 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012.08.20 14:48:48 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.07.14 06:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.07.14 06:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.04.20 10:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.03.25 11:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.17 14:31:58 | 004,726,336 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.03.10 05:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011.03.10 05:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011.01.14 04:01:44 | 000,074,840 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.19 09:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.10.08 11:32:28 | 001,395,248 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.09.14 02:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.06.14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2009.12.02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009.12.02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009.12.02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009.12.02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009.09.19 04:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009.09.19 04:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009.09.19 04:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.12.26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:64bit: - [2006.11.16 15:58:46 | 000,031,248 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\synUSB64.sys -- (SynasUSB)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.03.31 08:39:36 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 04 00 18 03 0E 00 00 00 46 0B 84 4A 01 00 00 80 06 00 18 03 00 00 00 00 [binary data]
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..\SearchScopes\{71C76A06-0AA1-4447-839D-0C1509F89D25}: "URL" = http://websearch.ask.com/redirect?clien ... 6FA85EF3D9
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\euuumt72.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll File not found
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Jiří\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.13 17:32:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.11 12:59:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2013.03.13 17:37:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiří\AppData\Roaming\mozilla\Extensions
[2013.03.17 16:09:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiří\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2013.03.17 16:09:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiří\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
[2013.03.17 16:09:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiří\AppData\Roaming\mozilla\Firefox\Profiles\extensions\searchplugins
[2013.03.17 16:09:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiří\AppData\Roaming\mozilla\Firefox\Profiles\7qk1qxaz.default\extensions
[2013.03.13 17:32:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.03.07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.07 19:59:09 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.03.07 19:59:09 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.03.07 19:59:09 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.03.07 19:59:09 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.11.08 19:44:21 | 000,003,269 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
[2013.03.07 19:59:09 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [DrivUpdater] C:\Windows\updater\updat.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001..\Run: [DrivUpdater] C:\Windows\updater\updat.exe ()
O4 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001..\Run: [Facebook Update] C:\Users\Jiří\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001..\Run: [ICQ] C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001..\Run: [Yontoo Desktop] "C:\Users\Jiří\AppData\Roaming\Yontoo\YontooDesktop.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Jiří\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\updater\updat.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\updater\updat.exe ()
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.11.2)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02E34778-F1E5-453C-8C4F-A1DBBA30BCCB}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E06E4232-9F7C-42FD-B0CD-22BD6AD068D9}: DhcpNameServer = 192.168.50.1 192.168.50.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.MKVC - C:\Windows\SysWow64\KMVIDC32.DLL ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.03.17 16:48:52 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.03.17 16:48:52 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.03.17 16:48:52 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.03.17 16:48:52 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.03.17 16:48:52 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.03.17 16:48:51 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.03.17 16:48:51 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.17 16:48:51 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.03.17 16:48:51 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.03.17 16:48:51 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.17 16:48:51 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.03.17 16:48:51 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.03.17 16:48:51 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.17 16:48:51 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.03.17 16:48:50 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.03.17 16:48:50 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.03.17 16:48:50 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.17 16:48:50 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.03.17 16:48:50 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.17 16:48:50 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.03.17 16:48:50 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.03.17 16:48:50 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.03.17 16:48:50 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.03.17 16:48:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.03.17 16:48:50 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.03.17 16:48:50 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.03.17 16:48:49 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.17 16:48:49 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.03.17 16:48:49 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.03.17 16:48:49 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.03.17 16:48:49 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.03.17 16:48:49 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.03.17 16:48:49 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.03.17 16:48:49 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.03.17 16:48:49 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.03.17 16:48:49 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.03.17 16:48:49 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.03.17 16:48:49 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.03.17 16:48:48 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.17 16:48:48 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.03.17 16:48:48 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.03.17 16:48:48 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.17 16:48:48 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.17 16:48:48 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.17 16:48:48 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.17 16:48:48 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.03.17 16:48:48 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.03.17 16:48:48 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.03.17 16:48:48 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.17 16:48:48 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.03.17 16:48:48 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.03.17 16:48:48 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.03.17 16:48:48 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.03.17 16:48:48 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.03.17 16:48:47 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.17 16:48:47 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.17 16:48:47 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.17 16:48:47 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.03.17 16:48:47 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.03.17 16:48:47 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.03.17 16:48:47 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.03.17 16:48:47 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.03.17 16:48:47 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.03.17 16:48:47 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.03.17 16:48:47 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.03.17 16:48:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.03.17 16:48:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.03.17 16:48:47 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.03.17 16:46:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.16 23:55:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013.03.16 23:55:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013.03.16 23:55:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013.03.16 23:55:33 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013.03.16 23:55:33 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013.03.16 23:55:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013.03.16 23:55:32 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.03.16 23:55:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013.03.16 23:55:32 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013.03.16 23:55:31 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013.03.16 23:55:31 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013.03.16 23:55:31 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.03.16 23:55:31 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.03.16 23:55:31 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013.03.16 23:55:31 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013.03.16 23:55:31 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013.03.16 23:55:31 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013.03.16 23:55:31 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013.03.16 23:55:31 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013.03.16 23:55:31 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.03.16 23:55:31 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013.03.16 23:55:30 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.03.16 23:55:30 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013.03.16 23:55:30 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013.03.16 23:55:29 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.03.16 23:52:32 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.03.16 23:52:32 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.03.16 23:52:32 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.03.16 23:52:32 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.03.16 23:52:23 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.03.16 23:52:23 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.03.16 23:52:18 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.03.16 23:52:18 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.03.16 23:52:18 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.03.16 23:52:18 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.03.16 23:52:18 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.03.16 23:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.03.16 23:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.03.16 23:52:18 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.03.16 23:52:18 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.03.16 23:52:17 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.03.16 23:52:16 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.03.16 23:52:16 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.03.16 23:52:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.03.16 23:52:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.03.16 23:52:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.03.16 23:52:15 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.03.16 23:52:15 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.03.16 23:52:15 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.03.16 23:52:15 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.03.16 23:52:15 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.03.16 23:52:15 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.03.16 23:52:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.03.16 23:52:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.03.16 23:52:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.03.16 23:52:14 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.03.16 23:52:14 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.03.16 23:52:14 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.03.16 23:52:14 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.03.16 23:52:13 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.03.16 23:52:13 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.03.16 23:52:13 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.03.16 23:52:13 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.03.16 23:52:12 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.03.16 23:52:12 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.03.16 23:52:12 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.03.16 23:51:35 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.03.16 23:03:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.16 23:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.16 23:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.16 22:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.03.16 22:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.03.16 22:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.03.16 22:18:47 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.16 21:40:54 | 000,000,000 | ---D | C] -- C:\Users\Jiří\AppData\Local\{2597B70D-726C-4FD6-BB60-217372F41633}
[2013.03.16 19:11:06 | 000,000,000 | ---D | C] -- C:\Users\Jiří\AppData\Local\CrashRpt
[2013.03.16 18:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2013.03.16 16:07:06 | 000,000,000 | ---D | C] -- C:\Users\Jiří\Documents\Euro Truck Simulator
[2013.03.16 16:06:09 | 000,000,000 | ---D | C] -- C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator
[2013.03.16 16:05:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Euro Truck Simulator
[2013.03.16 09:43:52 | 000,000,000 | ---D | C] -- C:\Users\Jiří\Documents\GTA San Andreas User Files
[2013.03.16 09:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2013.03.16 09:12:51 | 000,000,000 | ---D | C] -- C:\Users\Jiří\Desktop\GTA San Andreas
[2013.03.14 00:23:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia 2 Multiplayer
[2013.03.14 00:23:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mafia 2 Multiplayer
[2013.03.14 00:13:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2013.03.13 21:11:30 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Users\Jiří\Desktop\MinecraftSP.exe
[2013.03.13 17:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.03.13 10:01:16 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareProtection
[2013.03.12 07:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
[2013.03.12 07:09:19 | 000,000,000 | ---D | C] -- C:\Users\Jiří\AppData\Roaming\ICQ
[2013.03.12 07:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7M
[2013.03.10 18:18:54 | 000,000,000 | ---D | C] -- C:\Users\Jiří\AppData\Local\{3C0B814E-ABE7-436A-BF0E-4FEA10DCDF7B}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.03.17 17:21:34 | 007,389,815 | -H-- | M] () -- C:\Users\Jiří\AppData\Roaming\Jiřílog.dat
[2013.03.17 17:20:43 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.17 17:15:36 | 000,019,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.17 17:15:36 | 000,019,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.17 17:09:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.17 17:09:26 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.17 16:55:13 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.17 16:48:52 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.03.17 16:48:52 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.03.17 16:48:52 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.03.17 16:48:52 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.03.17 16:48:52 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.03.17 16:48:51 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.03.17 16:48:51 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.17 16:48:51 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.03.17 16:48:51 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.03.17 16:48:51 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.17 16:48:51 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.03.17 16:48:51 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.03.17 16:48:51 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.03.17 16:48:51 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.17 16:48:51 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.03.17 16:48:50 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.03.17 16:48:50 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.03.17 16:48:50 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.17 16:48:50 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.03.17 16:48:50 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.17 16:48:50 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.03.17 16:48:50 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.03.17 16:48:50 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.03.17 16:48:50 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.03.17 16:48:50 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.03.17 16:48:50 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.03.17 16:48:49 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.17 16:48:49 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.03.17 16:48:49 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.03.17 16:48:49 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.03.17 16:48:49 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.03.17 16:48:49 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.03.17 16:48:49 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.03.17 16:48:49 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.03.17 16:48:49 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.03.17 16:48:49 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.03.17 16:48:49 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.03.17 16:48:49 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.03.17 16:48:49 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.17 16:48:49 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.03.17 16:48:48 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.17 16:48:48 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.03.17 16:48:48 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.17 16:48:48 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.17 16:48:48 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.17 16:48:48 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.17 16:48:48 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.03.17 16:48:48 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.03.17 16:48:48 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.03.17 16:48:48 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.17 16:48:48 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.03.17 16:48:48 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.03.17 16:48:48 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.03.17 16:48:48 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.03.17 16:48:48 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.03.17 16:48:48 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.17 16:48:47 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.17 16:48:47 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.17 16:48:47 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.17 16:48:47 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.03.17 16:48:47 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.03.17 16:48:47 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.03.17 16:48:47 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.03.17 16:48:47 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.03.17 16:48:47 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.03.17 16:48:47 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.03.17 16:48:47 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.03.17 16:48:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.03.17 16:48:47 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.03.17 16:48:47 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.03.17 16:41:03 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1356760250-1139593437-539297764-1001UA.job
[2013.03.17 16:05:09 | 000,767,646 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.17 16:05:09 | 000,654,908 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.17 16:05:09 | 000,122,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.17 16:04:43 | 000,767,646 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.16 23:40:16 | 001,609,216 | ---- | M] () -- C:\Users\Jiří\Desktop\FoxRadio.exe
[2013.03.16 22:53:17 | 000,001,139 | ---- | M] () -- C:\Users\Jiří\Desktop\Windows Update Troubleshooting Info.lnk
[2013.03.16 21:41:38 | 008,198,784 | ---- | M] () -- C:\Users\Jiří\Desktop\Mafia 2.wmv
[2013.03.16 19:21:53 | 000,157,008 | ---- | M] () -- C:\Users\Jiří\Desktop\Bez názvu.png
[2013.03.16 19:11:00 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\Mafia 2 Multiplayer.lnk
[2013.03.16 18:28:07 | 000,002,065 | ---- | M] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2013.03.16 16:06:09 | 000,001,123 | ---- | M] () -- C:\Users\Jiří\Desktop\Euro Truck Simulator.lnk
[2013.03.16 11:32:48 | 000,561,724 | ---- | M] () -- C:\Users\Jiří\Desktop\sa-mp-000.png
[2013.03.16 09:47:21 | 000,002,640 | ---- | M] () -- C:\Users\Jiří\Documents\Register Vegas Pro.htm
[2013.03.16 09:44:37 | 000,001,169 | ---- | M] () -- C:\Users\Jiří\Desktop\Grand Theft Auto-San Andreas Multiplayer 0.3x.lnk
[2013.03.16 09:26:29 | 000,001,910 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2013.03.15 16:30:57 | 000,984,969 | ---- | M] () -- C:\Users\Jiří\Desktop\sa-mp-008.png
[2013.03.13 21:34:55 | 000,000,961 | ---- | M] () -- C:\DelUS.bat
[2013.03.13 17:32:53 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.13 15:55:38 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 15:55:37 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.13 12:08:44 | 000,058,381 | ---- | M] () -- C:\Users\Jiří\Desktop\iw3sp 2013-03-13 12-08-44-66.jpg
[2013.03.13 10:24:32 | 000,001,319 | ---- | M] () -- C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2013.03.12 07:09:39 | 000,001,777 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.03.17 17:20:43 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.17 16:48:49 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.17 16:48:48 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.16 22:53:17 | 000,001,139 | ---- | C] () -- C:\Users\Jiří\Desktop\Windows Update Troubleshooting Info.lnk
[2013.03.16 21:41:05 | 008,198,784 | ---- | C] () -- C:\Users\Jiří\Desktop\Mafia 2.wmv
[2013.03.16 19:21:53 | 000,157,008 | ---- | C] () -- C:\Users\Jiří\Desktop\Bez názvu.png
[2013.03.16 18:28:07 | 000,002,065 | ---- | C] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2013.03.16 16:06:09 | 000,001,123 | ---- | C] () -- C:\Users\Jiří\Desktop\Euro Truck Simulator.lnk
[2013.03.16 11:32:47 | 000,561,724 | ---- | C] () -- C:\Users\Jiří\Desktop\sa-mp-000.png
[2013.03.16 11:17:30 | 190,736,669 | ---- | C] () -- C:\Users\Jiří\Desktop\Euro-truck-simulator-2008-plná-verze-v-češtině.rar
[2013.03.16 09:47:21 | 000,002,640 | ---- | C] () -- C:\Users\Jiří\Documents\Register Vegas Pro.htm
[2013.03.16 09:26:29 | 000,001,910 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2013.03.15 22:41:06 | 001,609,216 | ---- | C] () -- C:\Users\Jiří\Desktop\FoxRadio.exe
[2013.03.15 16:30:56 | 000,984,969 | ---- | C] () -- C:\Users\Jiří\Desktop\sa-mp-008.png
[2013.03.14 00:23:32 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\Mafia 2 Multiplayer.lnk
[2013.03.13 17:32:53 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.13 17:32:52 | 000,001,123 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.03.13 12:08:44 | 000,058,381 | ---- | C] () -- C:\Users\Jiří\Desktop\iw3sp 2013-03-13 12-08-44-66.jpg
[2013.03.12 07:09:39 | 000,001,777 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2013.02.23 14:23:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2013.01.25 12:53:05 | 000,000,000 | -H-- | C] () -- C:\Users\Jiří\AppData\Roaming\winsvcns.sys
[2013.01.22 18:01:33 | 000,047,104 | ---- | C] () -- C:\Windows\SysWow64\KMVIDC32.DLL
[2012.11.20 18:49:09 | 000,000,700 | -HS- | C] () -- C:\Users\Jiří\AppData\Local\systemFL7.dat
[2012.11.20 17:42:51 | 000,000,082 | ---- | C] () -- C:\Windows\mafosav.INI
[2012.11.08 19:44:06 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012.09.05 15:48:45 | 000,007,604 | ---- | C] () -- C:\Users\Jiří\AppData\Local\Resmon.ResmonCfg
[2012.08.14 08:22:02 | 000,000,230 | ---- | C] () -- C:\Windows\wininit.ini
[2012.08.10 19:58:58 | 000,000,600 | ---- | C] () -- C:\Users\Jiří\AppData\Local\PUTTY.RND
[2012.08.09 09:24:10 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.09 09:24:08 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.08.08 08:19:16 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012.08.02 09:09:58 | 000,004,608 | ---- | C] () -- C:\Users\Jiří\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.30 13:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.07.30 13:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.07.30 13:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.07.30 13:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.07.11 08:22:15 | 000,000,019 | ---- | C] () -- C:\Windows\popcinfo.dat
[2012.07.01 12:13:10 | 000,767,646 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.26 13:09:45 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.09.26 13:09:45 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.09.26 13:09:44 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2005.04.08 03:16:43 | 007,389,815 | -H-- | C] () -- C:\Users\Jiří\AppData\Roaming\Jiřílog.dat

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.03.13 21:14:33 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\.minecraft
[2013.01.21 16:58:16 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Ashampoo
[2012.12.24 10:19:49 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Audacity
[2013.02.09 13:09:18 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Avnex
[2012.12.21 12:57:31 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\BANDISOFT
[2012.12.14 15:41:47 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\BitLord
[2012.12.08 19:44:52 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Caphyon
[2013.02.24 12:04:43 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\DAEMON Tools Lite
[2012.07.13 13:59:12 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\FloodLightGames
[2013.02.17 15:21:16 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\GHISLER

Frezeer · #10 Příspěvek od **Frezeer** » 17 bře 2013 17:57

[2012.09.21 23:03:09 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\GoforFiles
[2013.03.17 17:12:57 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\ICQ
[2012.09.28 20:08:06 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Leadertech
[2012.10.20 09:29:12 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\LolClient
[2013.01.07 01:34:41 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Mount&Blade Warband
[2012.10.20 13:48:57 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\MP3SkypeRecorder
[2013.03.09 16:53:56 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\OBS
[2012.12.29 23:54:15 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Opera
[2013.01.20 10:13:49 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Pamela
[2012.08.27 21:05:30 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\PC Suite
[2013.02.15 16:50:23 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\PDAppFlex
[2012.11.30 20:57:46 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\PunkBuster
[2012.12.08 12:58:15 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Python-Eggs
[2012.11.10 14:43:26 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Rovio
[2012.08.27 21:01:08 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Samsung
[2013.03.14 00:25:07 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\SoftGrid Client
[2012.08.02 09:15:02 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Solveig Multimedia
[2013.03.16 09:43:53 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Sony
[2012.10.09 15:39:41 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Steinberg
[2013.01.24 12:52:37 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\SYSTEMAX Software Development
[2013.01.13 15:04:27 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\TeamViewer
[2012.07.01 12:13:55 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\TP
[2013.03.08 22:59:50 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\TS3Client
[2013.02.16 19:10:45 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\TuneUp Software
[2013.02.23 19:45:24 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Tunngle
[2012.11.21 12:41:41 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Ubisoft
[2013.02.21 19:01:45 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Unity
[2013.03.16 22:35:10 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\uTorrent
[2012.10.16 15:27:17 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\wargaming.net
[2013.01.28 20:56:20 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\WarlockStudio
[2012.07.01 10:36:14 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\WildTangent
[2013.02.23 22:11:25 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Xilisoft

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,542 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.01 04:56:42 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.01.01 01:36:53 | 000,000,902 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356760250-1139593437-539297764-1001Core.job
[2013.01.01 01:36:53 | 000,000,924 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356760250-1139593437-539297764-1001UA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.07.14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.07.14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.07.14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.07.14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.07.14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.07.14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.07.14 06:24:59 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.07.14 06:24:59 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.07.20 03:13:45 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.07.20 03:13:45 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{0874086B-4AD8-4B4D-9321-DCBA3AA69C8C}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{0874086B-4AD8-4B4D-9321-DCBA3AA69C8C}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{216EB3F9-CCA5-4D88-B667-8753307DEB5C}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{216EB3F9-CCA5-4D88-B667-8753307DEB5C}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{2E38CCC9-9766-4A17-A43E-863E7212F31C}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{2E38CCC9-9766-4A17-A43E-863E7212F31C}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{37563DDE-E710-405A-B8BF-76F27402E554}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{37563DDE-E710-405A-B8BF-76F27402E554}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{7665A933-1049-43DD-B692-416C7F6A55D6}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{7665A933-1049-43DD-B692-416C7F6A55D6}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{8780588E-EF91-442B-BD5F-2D50DE7ABF76}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{8780588E-EF91-442B-BD5F-2D50DE7ABF76}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{9C03F88D-8608-44B7-A3E7-7316D1CAC152}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{9C03F88D-8608-44B7-A3E7-7316D1CAC152}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{B52976F5-3EE4-4C77-80B9-11911F065EF7}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{B52976F5-3EE4-4C77-80B9-11911F065EF7}\cs-CZ\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[5 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.03.13 21:14:33 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\.minecraft
[2013.02.16 19:54:15 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Adobe
[2012.12.29 23:58:23 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Apple Computer
[2013.01.21 16:58:16 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Ashampoo
[2012.12.24 10:19:49 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Audacity
[2013.02.09 13:09:18 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Avnex
[2012.12.21 12:57:31 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\BANDISOFT
[2012.12.14 15:41:47 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\BitLord
[2012.12.08 19:44:52 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Caphyon
[2012.09.22 11:57:36 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\CyberLink
[2013.02.24 12:04:43 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\DAEMON Tools Lite
[2013.01.21 17:32:31 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\dvdcss
[2012.07.13 13:59:12 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\FloodLightGames
[2013.02.17 15:21:16 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\GHISLER
[2012.09.21 23:03:09 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\GoforFiles
[2013.03.17 17:12:57 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\ICQ
[2012.07.01 03:46:38 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Identities
[2012.09.28 20:08:06 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Leadertech
[2012.10.20 09:29:12 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\LolClient
[2012.07.01 03:46:58 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Macromedia
[2010.11.21 08:16:41 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Media Center Programs
[2013.01.29 17:43:23 | 000,000,000 | --SD | M] -- C:\Users\Jiří\AppData\Roaming\Microsoft
[2013.01.07 01:34:41 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Mount&Blade Warband
[2013.03.13 17:37:44 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Mozilla
[2012.10.20 13:48:57 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\MP3SkypeRecorder
[2013.03.09 16:53:56 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\OBS
[2012.12.29 23:54:15 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Opera
[2013.01.20 10:13:49 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Pamela
[2012.08.27 21:05:30 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\PC Suite
[2013.02.15 16:50:23 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\PDAppFlex
[2012.11.30 20:57:46 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\PunkBuster
[2012.12.08 12:58:15 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Python-Eggs
[2012.11.10 14:43:26 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Rovio
[2012.08.27 21:01:08 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Samsung
[2012.09.05 16:11:28 | 000,000,000 | RH-D | M] -- C:\Users\Jiří\AppData\Roaming\SecuROM
[2013.03.17 17:41:02 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Skype
[2013.03.14 00:25:07 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\SoftGrid Client
[2012.08.02 09:15:02 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Solveig Multimedia
[2013.03.16 09:43:53 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Sony
[2012.10.09 15:39:41 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Steinberg
[2013.01.24 12:52:37 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\SYSTEMAX Software Development
[2013.01.13 15:04:27 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\TeamViewer
[2012.07.01 12:13:55 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\TP
[2013.03.08 22:59:50 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\TS3Client
[2013.02.16 19:10:45 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\TuneUp Software
[2013.02.23 19:45:24 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Tunngle
[2012.11.21 12:41:41 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Ubisoft
[2013.02.21 19:01:45 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Unity
[2013.03.16 22:35:10 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\uTorrent
[2013.03.17 16:40:03 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\vlc
[2012.10.16 15:27:17 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\wargaming.net
[2013.01.28 20:56:20 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\WarlockStudio
[2012.07.01 10:36:14 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\WildTangent
[2013.02.13 01:52:51 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\WinRAR
[2013.02.23 22:11:25 | 000,000,000 | ---D | M] -- C:\Users\Jiří\AppData\Roaming\Xilisoft

< %APPDATA%\*.exe /s >
[2013.03.13 21:38:13 | 000,010,134 | R--- | M] () -- C:\Users\Jiří\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2011.02.17 22:46:25 | 000,835,440 | R--- | M] () -- C:\Users\Jiří\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2012.10.26 21:31:14 | 001,007,720 | ---- | M] (WildTangent) -- C:\Users\Jiří\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-wildgames.exe
[2012.10.26 21:31:12 | 000,000,179 | ---- | M] () -- C:\Users\Jiří\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-wildgames.exe_filedata
[2012.11.28 20:08:02 | 000,000,174 | ---- | M] () -- C:\Users\Jiří\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-acer.exe_filedata
[2012.05.22 02:34:34 | 000,571,040 | ---- | M] (WildTangent, Inc.) -- C:\Users\Jiří\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2013.03.17 16:48:50 | 013,761,024 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2013.03.17 16:48:51 | 000,117,248 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\Tasks\*.job >
[2013.03.17 16:55:13 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.08 17:31:52 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356760250-1139593437-539297764-1001Core.job
[2013.03.17 16:41:03 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356760250-1139593437-539297764-1001UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2013.03.17 16:48:50 | 013,761,024 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2013.03.17 16:48:51 | 000,117,248 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.03.17 16:48:50 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2013.03.17 16:48:50 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2013.03.17 16:48:52 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elshyph.dll
[2013.03.17 16:48:50 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\html.iec
[2013.03.17 16:48:49 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2013.03.17 16:48:50 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2013.03.17 16:48:50 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dat
[2013.03.17 16:48:50 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2013.03.17 16:48:50 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2013.03.17 16:48:50 | 013,761,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2013.03.17 16:48:51 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2013.03.17 16:48:49 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2013.03.17 16:48:52 | 002,046,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2013.03.17 16:48:49 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2013.03.17 16:48:50 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2013.03.17 16:48:50 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2013.03.17 16:48:49 | 000,025,185 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2013.03.17 16:48:51 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieUnatt.exe
[2013.03.17 16:48:51 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iexpress.exe
[2013.03.17 16:48:51 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2013.03.17 16:48:49 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetcpl.cpl
[2013.03.17 16:48:51 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2013.03.17 16:48:51 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2013.03.17 16:48:50 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2013.03.17 16:48:52 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2013.03.17 16:48:49 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2013.03.17 17:12:57 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2013.03.17 16:48:51 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2013.03.17 16:48:50 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2013.03.17 16:48:50 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedssync.exe
[2013.03.17 16:48:51 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshta.exe
[2013.03.17 16:48:51 | 014,317,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2013.03.17 16:48:51 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.tlb
[2013.03.17 16:48:51 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2013.03.17 16:48:50 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2013.03.17 16:48:51 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmlmedia.dll
[2013.03.17 16:48:52 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2013.03.17 16:48:52 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2013.03.17 16:48:51 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2013.03.17 16:05:09 | 000,767,646 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2013.03.17 16:48:51 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2013.03.17 16:48:52 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RegisterIEPKEYs.exe
[2013.03.17 16:48:50 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetIEInstalledDate.exe
[2013.03.17 16:48:50 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdc.ocx
[2013.03.17 16:48:50 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2013.03.17 16:48:52 | 001,129,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2013.03.17 16:48:51 | 000,523,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2013.03.17 16:48:51 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2013.03.17 16:48:51 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wextract.exe
[2013.03.17 16:48:52 | 001,766,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.08.28 14:52:56 | 003,671,904 | ---- | M] (DT Soft Ltd)
"Facebook Update" = "C:\Users\Jiří\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2013.01.01 01:36:48 | 000,138,096 | ---- | M] (Facebook Inc.)
"DrivUpdater" = C:\Windows\updater\updat.exe -- [2013.01.18 21:04:45 | 000,677,852 | RHS- | M] ()
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2013.02.25 07:39:34 | 001,602,984 | ---- | M] (Valve Corporation)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.01.08 12:59:26 | 018,705,664 | R--- | M] (Skype Technologies S.A.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 04:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4 -- [2013.03.12 07:09:14 | 000,127,040 | ---- | M] (ICQ, LLC.)
"Yontoo Desktop" = "C:\Users\Jiří\AppData\Roaming\Yontoo\YontooDesktop.exe"

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.03.07 15:29:07 | 000,917,400 | ---- | M] (Mozilla Corporation) MD5=BF2F2717C13A4BD4FD73F2788534E86B -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.03.17 16:48:52 | 000,770,560 | ---- | M] (Microsoft Corporation) MD5=2859EBC065D2E1CCC94161CE28BAC085 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.17 17:20:43 | 000,000,512 | ---- | M] () MD5=E4243CA35A237A1CB1B422904E258260 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-1356760250-1139593437-539297764-1001\$R7TUBZL\data\Decision\Craig\crack1.ped
[2012.06.17 11:38:17 | 000,000,668 | ---- | M] () -- \Backup\Jura\AppData\Roaming\Microsoft\Windows\Recent\crack-do-Flatout-2.lnk
[2011.12.27 16:20:04 | 000,302,780 | ---- | M] () -- \Backup\Jura\Documents\Moje memory card- Jirka\Hry\ec\SAMP_RCON_Cracker_NEW\SAMP_RCON_CRACKER_hack_tool.rar
[2003.12.05 13:52:40 | 000,000,796 | ---- | M] () -- \Backup\Jura\Saved Games\Hry\GTA-SanAndreas\data\Decision\Craig\crack1.ped
[2008.09.08 21:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch
[1 \Program Files (x86)\Microsoft Games\Flight Simulator 9\*.tmp files -> \Program Files (x86)\Microsoft Games\Flight Simulator 9\*.tmp -> ]
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Program Files (x86)\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2013.02.14 16:39:00 | 000,299,721 | ---- | M] () -- \Users\Jiří\AppData\Local\Roblox\Versions\version-3789d377c3ab4ee1\content\textures\vol_ice_cracked2.dds
[2013.03.16 09:35:33 | 000,000,872 | ---- | M] () -- \Users\Jiří\AppData\Roaming\Microsoft\Windows\Recent\GTA-San-Andreas-CRACK.lnk
[2013.03.01 12:11:38 | 000,004,613 | ---- | M] () -- \Users\Jiří\AppData\Roaming\uTorrent\GTA San Andreas CRACK [2Lions].1.torrent
[2013.03.01 10:37:09 | 000,004,613 | ---- | M] () -- \Users\Jiří\AppData\Roaming\uTorrent\GTA San Andreas CRACK [2Lions].torrent
[2013.02.23 22:06:23 | 000,010,077 | ---- | M] () -- \Users\Jiří\AppData\Roaming\uTorrent\Xilisoft HD Video Converter 6.0.14.1104 + Crack-[HB].torrent
[2013.03.01 12:12:48 | 004,746,852 | ---- | M] () -- \Users\Jiří\Desktop\Instalace GTA San Andreas\GTA-San-Andreas-CRACK.rar
[2010.12.09 12:50:04 | 005,570,560 | ---- | M] () -- \Users\Jiří\Desktop\Songy na radio\HPTN vol.2 Mr. Mustage sampler\03-3. La4 & James Cole - Neco jako klid_Crack.mp3

< *keygen* /s >
[2012.12.17 11:04:02 | 000,091,648 | ---- | M] () -- \Program Files (x86)\SoftwareUpdater\KeyGen.dll

< *loader* /s >
[2012.06.20 15:17:13 | 000,000,673 | ---- | M] () -- \Backup\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.7.1_0\Media\ajax-loader.gif
[2012.04.20 12:50:52 | 000,000,723 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OFYR42D\downloaderror[1].js
[2012.04.20 12:50:52 | 000,001,174 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OFYR42D\downloader[1].js
[2012.04.30 15:13:58 | 000,002,181 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OFYR42D\gameplay_loader[1].css
[2012.06.15 20:51:40 | 000,010,519 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G511BKQG\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012.06.09 20:29:55 | 000,000,171 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G511BKQG\downloader[1].htm
[2012.05.01 07:49:57 | 000,002,181 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G511BKQG\gameplay_loader[1].css
[2012.05.01 07:49:58 | 000,005,047 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G511BKQG\gameplay_loader[1].js
[2012.06.17 16:02:36 | 000,002,158 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G511BKQG\gameplay_loader[2].css
[2012.06.02 09:17:45 | 000,001,667 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G511BKQG\loader[1].js
[17 \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G511BKQG\*.tmp files -> \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G511BKQG\*.tmp -> ]
[2012.06.15 20:51:39 | 000,000,652 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGTDKRJY\AdLoader[1].htm
[2012.04.20 12:50:48 | 000,007,900 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGTDKRJY\bundleloader[1].js
[2012.06.17 16:02:51 | 000,012,116 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGTDKRJY\GamePlayLoader[1].htm
[2012.04.30 15:13:59 | 000,005,047 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGTDKRJY\gameplay_loader[1].js
[2012.06.17 16:02:37 | 000,005,047 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGTDKRJY\gameplay_loader[2].js
[2012.06.09 20:30:01 | 000,000,253 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UL3CNSNR\downloader[1].htm
[2012.05.09 09:52:28 | 000,000,673 | ---- | M] () -- \Backup\Jura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UL3CNSNR\loader[1].gif
[2012.05.28 14:51:38 | 000,001,222 | ---- | M] () -- \Backup\Jura\AppData\Roaming\.minecraft\ModLoader.txt
[2012.05.28 14:02:06 | 000,000,126 | ---- | M] () -- \Backup\Jura\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2012.06.03 16:24:56 | 000,010,145 | ---- | M] () -- \Backup\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\9dd1ll5m.default\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}\modules\ExternalLibraryLoader.jsm
[2012.05.27 17:02:18 | 000,103,347 | ---- | M] () -- \Backup\Jura\Saved Games\Microsoft Games\Mods minecraft\ModLoader.zip
[2010.08.24 10:53:04 | 000,071,008 | ---- | M] () -- \Program Files (x86)\2K Games\Mafia II\pc\PhysXLoader.dll
[2011.07.04 14:29:56 | 000,124,200 | ---- | M] () -- \Program Files (x86)\Acer\Acer Crystal Eye Webcam\Koan\pyloader.dll
[2012.12.07 18:05:30 | 000,000,195 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2008.07.28 14:27:04 | 000,019,968 | ---- | M] () -- \Program Files (x86)\Euro Truck Simulator\lib\loaders.dll
[2013.03.12 07:09:11 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2013.03.12 07:09:11 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2013.03.12 07:09:10 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 10:29:39 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012.04.20 10:29:39 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2013.03.11 00:00:08 | 000,724,480 | ---- | M] () -- \Program Files (x86)\MTA San Andreas 1.3\MTA\loader.dll
[2010.06.01 13:29:14 | 000,367,872 | ---- | M] () -- \Program Files (x86)\NTI\NTI Media Maker 9\LauncherLoader.exe
[2009.05.31 02:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 02:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2010.09.21 15:26:00 | 000,011,061 | ---- | M] () -- \Program Files (x86)\SpacialAudio\SAMBC\samPHPweb\library\Zend\Loader.php
[2010.09.21 15:26:00 | 000,016,697 | ---- | M] () -- \Program Files (x86)\SpacialAudio\SAMBC\samPHPweb\library\Zend\Loader\Autoloader.php
[2010.09.21 15:26:00 | 000,014,777 | ---- | M] () -- \Program Files (x86)\SpacialAudio\SAMBC\samPHPweb\library\Zend\Loader\PluginLoader.php
[2009.06.02 01:16:57 | 000,114,688 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.09.21 15:45:33 | 000,057,728 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012.09.21 15:45:33 | 000,057,728 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012.09.21 15:45:33 | 000,057,728 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.09.21 15:45:34 | 000,057,728 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012.09.21 15:45:34 | 000,057,728 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012.09.21 15:45:34 | 000,061,770 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012.09.21 15:45:34 | 000,061,770 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2013.03.16 22:32:49 | 000,002,214 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OFH132J\downloader[1].htm
[2013.03.12 07:09:27 | 000,000,402 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OFH132J\preloader[1].htm
[2013.03.13 17:33:45 | 000,000,905 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OFH132J\TooltipLoader[1].css
[2013.03.17 17:13:35 | 000,105,903 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZM49W24\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.03.09 13:10:06 | 000,105,903 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QJ0G36AR\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.03.12 15:45:45 | 000,002,886 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QJ0G36AR\preloader01_b[1].swf
[2013.03.09 13:10:06 | 000,000,753 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0JWFI7Y\AdLoader[1].htm
[2013.03.16 22:33:00 | 000,002,139 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0JWFI7Y\downloader[1].htm
[2013.03.13 17:33:45 | 000,014,290 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0JWFI7Y\TooltipLoader[1].js
[2013.03.17 17:13:34 | 000,000,753 | ---- | M] () -- \Users\Jiří\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V4IKUQJ3\AdLoader[1].htm
[2010.09.21 15:26:00 | 000,011,061 | ---- | M] () -- \Users\Jiří\AppData\Local\SpacialAudio\SAMBC\samPHPweb\library\Zend\Loader.php
[2010.09.21 15:26:00 | 000,016,697 | ---- | M] () -- \Users\Jiří\AppData\Local\SpacialAudio\SAMBC\samPHPweb\library\Zend\Loader\Autoloader.php
[2010.09.21 15:26:00 | 000,014,777 | ---- | M] () -- \Users\Jiří\AppData\Local\SpacialAudio\SAMBC\samPHPweb\library\Zend\Loader\PluginLoader.php
[2013.03.09 15:21:33 | 000,009,216 | ---- | M] () -- \Users\Jiří\AppData\Local\Temp\_MEI69642\_win32sysloader.pyd
[2013.01.27 19:40:44 | 000,001,208 | ---- | M] () -- \Users\Jiří\AppData\Roaming\.minecraft\ModLoader.txt
[2012.12.18 15:25:08 | 000,000,805 | ---- | M] () -- \Users\Jiří\AppData\Roaming\.minecraft\ModLoader.txt.1
[2013.01.27 19:40:35 | 000,000,144 | ---- | M] () -- \Users\Jiří\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2013.02.23 14:01:18 | 000,004,549 | ---- | M] () -- \Users\Jiří\AppData\Roaming\uTorrent\Windows 7 Loader eXtreme Edition v3.503-NAPALUM~DiBYA.torrent
[2013.03.17 16:40:06 | 000,040,856 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-BC94E7C6.pf
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 08:06:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010.11.21 08:06:45 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2010.11.21 08:06:45 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2010.11.21 08:06:45 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2010.11.21 08:06:45 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011.07.14 06:25:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.14 06:25:44 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.07.14 06:25:44 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.07.14 06:25:44 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.07.14 06:25:44 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 08:05:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.07.14 06:25:40 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.14 06:25:40 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 453 bytes -> C:\ProgramData\Temp:05EE1EEF

< End of report >

Frezeer · #11 Příspěvek od **Frezeer** » 17 bře 2013 18:01

Extras

OTL Extras logfile created on: 17.3.2013 17:16:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jiří\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,86 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 47,75% Memory free
7,71 Gb Paging File | 5,62 Gb Available in Paging File | 72,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 626,89 Gb Total Space | 49,72 Gb Free Space | 7,93% Space Free | Partition Type: NTFS

Computer Name: SMACKONE | User Name: Jiří | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07D9E108-EC30-4472-BEEA-5B649DE40330}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1D1E131F-82A1-47E1-BD80-2EE5CB409DA7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2D0DDFF8-8D4E-4C2E-99CE-F88B93241028}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2FCE1EDB-4CC0-4AF0-9AB3-691A72503E00}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32D797D5-6249-4B02-BB19-CAABD4AF8736}" = lport=138 | protocol=17 | dir=in | app=system |
"{4CC17362-7D24-49F8-B0AC-580F0ED0AB31}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5041365A-D744-4B56-B3D6-02E53D76B0A0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{56165070-E0DD-48C5-A928-1F66A3BC7404}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{58D43DF7-B5BE-4A45-B436-4D5EE135413F}" = lport=137 | protocol=17 | dir=in | app=system |
"{5953368C-D6BE-44F2-B848-9CE39F8D2A59}" = rport=138 | protocol=17 | dir=out | app=system |
"{5F1A6DCD-7C6F-44A8-A5CD-B0C811627052}" = lport=10243 | protocol=6 | dir=in | app=system |
"{69875FF3-7312-4A50-8FFB-B413CAF0B9B4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7782A8AD-929D-4EDF-ABF0-4003A5C4B6D7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7A7699C7-DBF8-486B-9A4D-CA7A8744AFFC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7EB40910-99D4-41B7-A129-C7D03D0EE1AC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{839EA03F-5E13-436B-8CA0-78C56393EC10}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{91F44E6C-04AE-40BF-9B2D-8A5BFC96DC2C}" = rport=137 | protocol=17 | dir=out | app=system |
"{9DEFC93D-4AB6-4261-98F0-2EC9883BE1A1}" = rport=445 | protocol=6 | dir=out | app=system |
"{A23AD1BC-F756-4C1D-9703-E325EDAC187C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B8CFE85B-5DEA-4F74-A98D-8C4973E0ACEA}" = lport=445 | protocol=6 | dir=in | app=system |
"{BC614E30-153A-43C8-92DD-B88CC4BD4B34}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C66B988E-389D-4598-9796-C2E7E678F064}" = lport=139 | protocol=6 | dir=in | app=system |
"{D17AAFEF-527E-4F2E-9FD4-68EDB83B648D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DA9E022A-0FC5-4674-BCF7-E2A04AD564AD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E6E6876C-3088-4960-B49F-45DDE5F41D3E}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FA27D2-33A4-4678-97B0-51A049478732}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{05C02BBF-ACE5-44E2-B96A-71283E254840}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{0644FF94-A021-4BF9-97D9-9BC48182A1B4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{0649D842-C400-41EB-8D16-4A482C73233A}" = protocol=17 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\samreporter\samreporter.exe |
"{08699E93-975F-4F96-A6F6-9CB62D0F2559}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1148A51F-537C-47FD-9AB0-BB17C95B2240}" = protocol=6 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"{13B0F15E-8BE4-41C8-9E58-1EB8825C8326}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{1B1D3C04-1B36-45BB-969F-794E5F651D10}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{219D1779-29DB-4999-87DA-BBAA00569AA5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{27FE929B-99BE-42C8-908F-2B2E3A54E822}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{35A2CB0C-0EFE-44DF-BC9B-BDAC60253EA4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{35A8337E-40B4-4CA6-9B3B-13D36D57898B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{367FA7BF-8037-4B9B-AF2E-88791CE37D68}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{380FA148-9257-486D-B340-4AD6E69BB001}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{3CE0912E-D262-40B9-867E-6426D6BE4D22}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{45565D94-C95C-4483-BCB9-D6DA11B5C942}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{45E96DDA-FC03-4C06-BCCA-FF55DDB30679}" = protocol=17 | dir=in | app=c:\users\jiří\desktop\gamer\cod4\iw3mp.exe |
"{46248CC3-2AF2-479C-89BA-80D4AE89597E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4B35536B-4CD0-4A50-8086-0188C7D1AAE3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4F5876C6-04BC-4583-9482-63D600F0FB76}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{50147794-43CE-4D91-9E7E-A6B1BEE143A0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{56C4B0C7-C388-4015-9E95-8453489A8FB5}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{57CDDFA4-BAB7-4B49-84BE-03D348E4CC53}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{58102D4E-578C-46CB-8338-F8EF6BE5CF38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C2ECF39-9F08-4EC8-B410-6DA9381B6712}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{5C853B5E-C405-4267-B070-D5F1A1D5F35B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\frezeer1995\team fortress 2\hl2.exe |
"{63D985A8-E65F-44D2-88DC-B1EFBE6FA535}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{67340416-1658-4EF4-ABE8-F87987AEAB9D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{67BD2F24-F921-4727-87DB-B11DBF145FE6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{6A09BF8E-EAAB-407D-AF98-64DC556C8757}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{723DDCE0-6E83-4A0F-9FA7-275CA2CAB9E5}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{77A8CF05-8840-4C87-AB44-DD1B215FFA77}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{79CC4D22-92C3-4F5D-8653-700837FFBEE2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{7E17BC09-8B72-46F4-A191-4E0BC9B9E12C}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{8AC15007-9A70-4684-A067-26ECF13A3B0E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{8C0BCA54-9128-49E5-83DE-A511BC1419A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{91FFF350-881B-4A3F-B533-2D31D41C23BD}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{97636CEE-C54E-4287-9CEA-5FD3A2DEBD7A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{9C97DB35-D87E-4401-9A3A-1DC511C29585}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\frezeer1995\team fortress 2\hl2.exe |
"{9D924D30-90B9-4203-B6FE-D56CA03FCE36}" = protocol=6 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\samreporter\samreporter.exe |
"{9EEBC60F-A97C-4B23-84DF-A60EA9A480DB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{9F9C2D72-3340-43B4-A530-44D341B3E81E}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{9FDE7D47-F608-4F83-B468-3175D20434DF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A2D4153A-5939-4922-9A1D-944E87C82B1E}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{A36BC72E-D801-4F1C-B0E8-873BB3AA9E6D}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{A6F8F992-AC3A-43D2-B621-181A53758C68}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A8E72D5A-381A-41BE-8BCD-605E8AB4D118}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A912A1AB-D0D8-413F-9C3A-75E14B27DAF5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AD0A931B-2555-411F-8C24-65DFDC406130}" = protocol=6 | dir=in | app=c:\users\jiří\desktop\gamer\cod4\iw3mp.exe |
"{AD63774C-2416-43C2-96A7-7D947CFAE4EF}" = protocol=17 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"{B822B609-3512-4A48-B30B-9B74EADB385E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BB88947A-7B53-4D32-A838-09433C153EB3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{BDEA9AF4-9456-4CD6-B2E5-DEA882CBF533}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CA8A684C-0360-4B88-B0DA-0174B83043DE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CB19B276-C5A0-42C8-B841-EAF68F2DDB94}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CC6E4FC1-CE12-4E51-89FA-912DD681748A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{D062E886-854F-4CB4-8514-ADBAB71641AE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6400346-0539-4F23-A982-CAC79B7EC904}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D75721CD-2477-4985-A7B6-E836573ADB6D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D8FC0E70-EE1E-41CE-8BFA-2004CAF913CE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DAF414FC-BD7A-4644-988B-0E02327A8738}" = protocol=6 | dir=out | app=system |
"{DEE5F1C7-7539-4315-AFF3-2F2370059936}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{E3B3EAEC-F12C-4EC3-B6A3-3A9C9B96C317}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{EE6FE889-0845-4EAF-B9CB-6E2ABC7BA682}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F0E973B8-F238-42FD-85D0-F3B97BCC7BA3}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{F6BF49EE-4B91-4FE2-986F-F5909E05266E}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{F8678B09-C761-4926-A781-63B0741D6973}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{FB66FCB8-7852-4973-93F1-61B71647F740}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{FF43691C-107B-455B-9D50-2755C6687F64}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{0B2B821A-24D7-4DB6-8540-833BDB357EC9}C:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe |
"TCP Query User{14133439-853A-446F-89FB-031ED6DACA80}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{203A6839-C45D-463C-8A63-3C1FB6F02DAF}F:\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=f:\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{2268B194-2000-4448-A177-DF35A8D7D634}F:\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=f:\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{22DF0E69-7B0D-44B1-BB7D-0B331D1DD697}C:\program files (x86)\spacialaudio\sambc\sambc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"TCP Query User{24A4763B-C778-4E66-9CA3-1CCB4A531DEF}C:\program files (x86)\steam\steamapps\frezeer1995\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\frezeer1995\team fortress 2\hl2.exe |
"TCP Query User{6039A38F-F233-42ED-9513-46E593180AE0}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{628020E1-8358-4517-BFEA-88EA86F82E71}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{66ECEC63-1A47-483F-9936-9B3BDF54FA3B}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{68B69F0B-4912-4A3F-9B31-40F2D3962DF4}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{848E1405-B668-43B2-B51F-36E02E2189FE}C:\program files (x86)\shoutcast\sc_serv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\shoutcast\sc_serv.exe |
"TCP Query User{8F4A8381-1939-45B3-B9B1-F1936B55609A}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{959C78DB-8D58-4057-98F4-9A53BB0870D3}C:\users\jiří\desktop\gamer\cod4\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\jiří\desktop\gamer\cod4\iw3mp.exe |
"TCP Query User{9A75448E-4D47-45A5-9143-BB2411FC6646}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{9CB56A44-2B81-4243-8B67-5BA4D76D7AF4}C:\program files (x86)\spacialaudio\sambc\samreporter\samreporter.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\samreporter\samreporter.exe |
"TCP Query User{A40E5E64-9063-4368-A78E-C422233629E8}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{AFAF5FDF-A0BF-44DA-B57B-61A23606A5F8}C:\totalcmd\totalcmd64.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd64.exe |
"TCP Query User{F10F809A-8099-4E49-9650-5C2E8600B46D}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{F91BBB7C-D3E5-4524-88B6-4FA141385AB2}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{0CB314EC-2497-466E-9A53-321489404BDE}F:\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=f:\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{23751B86-FECF-47D9-B466-9DE92EFA3BC5}C:\program files (x86)\spacialaudio\sambc\samreporter\samreporter.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\samreporter\samreporter.exe |
"UDP Query User{29FBA3D8-BD89-4262-8A02-1B52D9386999}C:\users\jiří\desktop\gamer\cod4\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\jiří\desktop\gamer\cod4\iw3mp.exe |
"UDP Query User{429DC336-2201-468A-A9CB-E81E0F9F3331}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{46FDA6E5-4A3C-4B8C-A855-DEC6A105BFBC}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{4955F22C-2E93-4BA7-AB75-D9920BA323AA}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{4C9A47CD-59A7-4D68-9DAF-6E68DA7D1A53}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{5DDCB675-5538-4928-98DB-56881C0D4F32}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{5EF738ED-E338-48B8-90FC-1E8E2984489B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{643B0861-85A5-4723-83C5-3EC8FD256738}C:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe |
"UDP Query User{906FEDD4-7302-4E1E-BC79-F51BFBE09EF7}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{95C59E63-C2A9-4D01-9A50-9543600AF438}F:\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=f:\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{98139D43-5CA4-49D7-8C12-1A205F60CF11}C:\program files (x86)\spacialaudio\sambc\sambc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"UDP Query User{B039AC69-0F99-470B-A8CC-E15F985F53FE}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{C68358CE-FF80-4060-835F-22ED7C23FE17}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{D21D1863-0435-49B6-B35A-1EB93135C189}C:\totalcmd\totalcmd64.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd64.exe |
"UDP Query User{E3CA2856-2AC8-4A57-BECA-AC1905ECB868}C:\program files (x86)\shoutcast\sc_serv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\shoutcast\sc_serv.exe |
"UDP Query User{E76173D2-64E7-46D8-A810-EAB8CDC71D3D}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{E8431824-5DF6-489F-9FF5-DC89FA7120CD}C:\program files (x86)\steam\steamapps\frezeer1995\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\frezeer1995\team fortress 2\hl2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit)
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{8F7F2D9C-2DBE-4F10-9C7C-2724110A3339}" = Windows Live Remote Service Resources
"{90140000-006D-041B-1000-0000000FF1CE}" = Microsoft Office Klikni a spusti 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{A6E0F6BE-30AC-4D36-97B0-1AC20E23CB83}" = Windows Live Remote Client Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"CCleaner" = CCleaner
"Microsoft Security Client" = Microsoft Security Essentials
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20381A8A-808E-4A53-B6CD-AD2B85E16365}" = Windows Live UX Platform Language Pack
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D7BAC8A-51B8-4243-8567-1415C4272D13}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5D90ABE5-8A35-4947-8269-6F40BCE47A95}" = Windows Live Messenger
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources
"{7D99B933-E29C-4599-92F0-DAED2AF041E3}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E285C75-9BE2-4349-972B-DECDDF472656}" = Windows Live Writer Resources
"{90140011-0066-041B-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Slovenčina
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}" = Windows Live Mail
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0405-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}" = Windows Live Mesh
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB398DDB-0E7B-400B-A940-7E61FB91A531}" = Alcor Micro USB Card Reader
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.5) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E0303B6A-C675-4102-95DA-C013625BFA99}" = GTA San Andreas
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F}" = Windows Live Messenger
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"aTube Catcher" = aTube Catcher
"DAEMON Tools Lite" = DAEMON Tools Lite
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"FBDBServer_2_5_is1" = Firebird 2.5.0.26074 (Win32)
"FormatFactory" = FormatFactory 2.95
"Fraps" = Fraps (remove only)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"Mafia II_is1" = Mafia II
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTA:SA 1.3" = MTA:SA v1.3.1
"Office14.Click2Run" = Microsoft Office Klikni a spusti 2010
"SAM3" = SAM Broadcaster v4
"SCDNAS" = SHOUTcast DNAS (remove only)
"SoftwareUpdater" = SoftwareUpdater
"Steam App 440" = Team Fortress 2
"Syncrosoft License Control" = Syncrosoft License Control
"TeamViewer 8" = TeamViewer 8
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 27.1.2013 16:03:31 | Computer Name = SmackOne | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 005
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 28.1.2013 8:35:37 | Computer Name = SmackOne | Source = WinMgmt | ID = 10
Description =

Error - 28.1.2013 8:41:17 | Computer Name = SmackOne | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 005
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 28.1.2013 8:41:17 | Computer Name = SmackOne | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 005
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 28.1.2013 10:31:10 | Computer Name = SmackOne | Source = Application Hang | ID = 1002
Description = The program SetEAFC.tmp version 6.31.100.1190 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: cb8 Start
Time: 01cdfd64051bacae Termination Time: 9 Application Path: C:\Users\JI10BB~1\AppData\Local\Temp\SetEAFC.tmp

Report
Id: 54e5d790-6957-11e2-bf09-e89a8fc2194e

Error - 28.1.2013 10:34:51 | Computer Name = SmackOne | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: ICQ7.exe, verzia: 14.0.0.162, časová značka:
0x4626b2f4 Názov chybového modulu: MoveIt.dll_unloaded, verzia: 0.0.0.0, časová
značka: 0x4fa119ef Kód výnimky: 0xc0000005 Odstup chyby: 0x6731cfde Identifikácia chybného
procesu: 0x179c Čas spustenia chybnej aplikácie: 0x01cdfd6449e095d3 Cesta chybnej
aplikácie: C:\Users\JI10BB~1\AppData\Local\Temp\{B786163B-A5DB-48D2-8BE1-C26CF071CB3F}\ICQ7.exe
Cesta
chybného modulu: MoveIt.dll Identifikácia hlásenia: df87ad8b-6957-11e2-bf09-e89a8fc2194e

Error - 28.1.2013 11:35:02 | Computer Name = SmackOne | Source = WinMgmt | ID = 10
Description =

Error - 28.1.2013 11:40:58 | Computer Name = SmackOne | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 005
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 28.1.2013 11:40:58 | Computer Name = SmackOne | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 005
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 28.1.2013 11:47:56 | Computer Name = SmackOne | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 005
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 28.1.2013 11:47:56 | Computer Name = SmackOne | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 005
language ID. The first DWORD in the Data section contains the Win32 error code.

[ System Events ]
Error - 15.3.2013 17:48:32 | Computer Name = SmackOne | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 16.3.2013 3:40:36 | Computer Name = SmackOne | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NEWDRIVER zlyhalo kvôli nasledujúcej chybe: %%2

Error - 16.3.2013 4:20:40 | Computer Name = SmackOne | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NEWDRIVER zlyhalo kvôli nasledujúcej chybe: %%2

Error - 16.3.2013 14:13:23 | Computer Name = SmackOne | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NEWDRIVER zlyhalo kvôli nasledujúcej chybe: %%2

Error - 16.3.2013 17:36:40 | Computer Name = SmackOne | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NEWDRIVER zlyhalo kvôli nasledujúcej chybe: %%2

Error - 16.3.2013 18:42:50 | Computer Name = SmackOne | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NEWDRIVER zlyhalo kvôli nasledujúcej chybe: %%2

Error - 17.3.2013 3:28:05 | Computer Name = SmackOne | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NEWDRIVER zlyhalo kvôli nasledujúcej chybe: %%2

Error - 17.3.2013 11:10:53 | Computer Name = SmackOne | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NEWDRIVER zlyhalo kvôli nasledujúcej chybe: %%2

Error - 17.3.2013 12:08:27 | Computer Name = SmackOne | Source = DCOM | ID = 10010
Description =

Error - 17.3.2013 12:09:56 | Computer Name = SmackOne | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NEWDRIVER zlyhalo kvôli nasledujúcej chybe: %%2

< End of report >

#12 Příspěvek od **vyosek** » 18 bře 2013 07:44

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.certified-toolbar.com?si= ... id=2937&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 04 00 18 03 0E 00 00 00 46 0B 84 4A 01 00 00 80 06 00 18 03 00 00 00 00 [binary data]
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..\SearchScopes\{71C76A06-0AA1-4447-839D-0C1509F89D25}: "URL" = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=1b92265e-a886-48fd-a50a-27f28b8b20fe&apn_sauid=F63F34E7-8427-465A-BEAA-C76FA85EF3D9
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1356760250-1139593437-539297764-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{0874086B-4AD8-4B4D-9321-DCBA3AA69C8C}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{0874086B-4AD8-4B4D-9321-DCBA3AA69C8C}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{216EB3F9-CCA5-4D88-B667-8753307DEB5C}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{216EB3F9-CCA5-4D88-B667-8753307DEB5C}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{2E38CCC9-9766-4A17-A43E-863E7212F31C}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{2E38CCC9-9766-4A17-A43E-863E7212F31C}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{37563DDE-E710-405A-B8BF-76F27402E554}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{37563DDE-E710-405A-B8BF-76F27402E554}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{7665A933-1049-43DD-B692-416C7F6A55D6}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{7665A933-1049-43DD-B692-416C7F6A55D6}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{8780588E-EF91-442B-BD5F-2D50DE7ABF76}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{8780588E-EF91-442B-BD5F-2D50DE7ABF76}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{9C03F88D-8608-44B7-A3E7-7316D1CAC152}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{9C03F88D-8608-44B7-A3E7-7316D1CAC152}\cs-CZ\*.tmp -> ]
[1 C:\Windows\inf\StarterGPOs\{B52976F5-3EE4-4C77-80B9-11911F065EF7}\cs-CZ\*.tmp files -> C:\Windows\inf\StarterGPOs\{B52976F5-3EE4-4C77-80B9-11911F065EF7}\cs-CZ\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[5 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2013.03.17 16:55:13 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.08 17:31:52 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356760250-1139593437-539297764-1001Core.job
[2013.03.17 16:41:03 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356760250-1139593437-539297764-1001UA.job
@Alternate Data Stream - 453 bytes -> C:\ProgramData\Temp:05EE1EEF

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Facebook Update"=-
"DrivUpdater"=-
"Steam"=-
"Skype"=-
"ICQ"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DrivUpdater"=-
"MyWebFace Search Scope Monitor"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=-

:files
C:\Program Files (x86)\MyWebFace_5a
C:\Windows\updater
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Frezeer · #13 Příspěvek od **Frezeer** » 18 bře 2013 09:33

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1356760250-1139593437-539297764-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\ not found.
HKEY_USERS\S-1-5-21-1356760250-1139593437-539297764-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1356760250-1139593437-539297764-1001\Software\Microsoft\Internet Explorer\SearchScopes\{71C76A06-0AA1-4447-839D-0C1509F89D25}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71C76A06-0AA1-4447-839D-0C1509F89D25}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1356760250-1139593437-539297764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7FBA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF28F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5092.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP710C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7D5A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP95E9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC13E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE531.tmp\ehExtHost.exe deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE531.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF7E6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFB8D.tmp folder deleted successfully.
C:\Windows\inf\StarterGPOs\{0874086B-4AD8-4B4D-9321-DCBA3AA69C8C}\cs-CZ\StarterGPO.tmpll deleted successfully.
C:\Windows\inf\StarterGPOs\{216EB3F9-CCA5-4D88-B667-8753307DEB5C}\cs-CZ\StarterGPO.tmpll deleted successfully.
C:\Windows\inf\StarterGPOs\{2E38CCC9-9766-4A17-A43E-863E7212F31C}\cs-CZ\StarterGPO.tmpll deleted successfully.
C:\Windows\inf\StarterGPOs\{37563DDE-E710-405A-B8BF-76F27402E554}\cs-CZ\StarterGPO.tmpll deleted successfully.
C:\Windows\inf\StarterGPOs\{7665A933-1049-43DD-B692-416C7F6A55D6}\cs-CZ\StarterGPO.tmpll deleted successfully.
C:\Windows\inf\StarterGPOs\{8780588E-EF91-442B-BD5F-2D50DE7ABF76}\cs-CZ\StarterGPO.tmpll deleted successfully.
C:\Windows\inf\StarterGPOs\{9C03F88D-8608-44B7-A3E7-7316D1CAC152}\cs-CZ\StarterGPO.tmpll deleted successfully.
C:\Windows\inf\StarterGPOs\{B52976F5-3EE4-4C77-80B9-11911F065EF7}\cs-CZ\StarterGPO.tmpll deleted successfully.
C:\Windows\Installer\MSI6B1D.tmp deleted successfully.
C:\Windows\Installer\MSI6EA2.tmp deleted successfully.
C:\Windows\Installer\MSI9D66.tmp deleted successfully.
C:\Windows\Temp\IE157.tmp\Windows6.1-KB2533623-x64.cab deleted successfully.
C:\Windows\Temp\IE157.tmp folder deleted successfully.
C:\Windows\Temp\IE695.tmp\Windows6.1-KB2670838-x64.cab deleted successfully.
C:\Windows\Temp\IE695.tmp folder deleted successfully.
C:\Windows\Temp\IE9A1.tmp\Windows6.1-KB2729094-v2-x64.cab deleted successfully.
C:\Windows\Temp\IE9A1.tmp folder deleted successfully.
C:\Windows\Temp\TS_25E7.tmp deleted successfully.
C:\Windows\Temp\TS_2701.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356760250-1139593437-539297764-1001Core.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356760250-1139593437-539297764-1001UA.job moved successfully.
ADS C:\ProgramData\Temp:05EE1EEF deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Policies deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DrivUpdater deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Policies deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\DrivUpdater deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\MyWebFace Search Scope Monitor not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Policies not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\MyWebFace_5a not found.
C:\Windows\updater folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jiýˇ

User: Jiří
->Temp folder emptied: 150449728 bytes
->Temporary Internet Files folder emptied: 255782323 bytes
->Java cache emptied: 712785 bytes
->FireFox cache emptied: 374893436 bytes
->Apple Safari cache emptied: 5842944 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 7301 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 278612 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95556 bytes
RecycleBin emptied: 5180577150 bytes

Total Files Cleaned = 5 692,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Jiýˇ

User: Jiří
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Jiýˇ

User: Jiří
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 03182013_092818

Files\Folders moved on Reboot...
C:\Users\Jiří\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Jiří\AppData\Local\Temp\MMDUtl.log moved successfully.
C:\Users\Jiří\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#14 Příspěvek od **vyosek** » 18 bře 2013 11:08

OTL nam udelalo co melo, jak se chova PC

Frezeer · #15 Příspěvek od **Frezeer** » 18 bře 2013 11:19

PC se chová mnohem líp díky moc

za pomoc

VIRY.CZ

Preventka Frezeer

Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer

Re: Preventka Frezeer