Logfile of random's system information tool 1.09 (written by random/random)
Run by Roko68 at 2013-07-19 22:22:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 409 GB (88%) free of 463 GB
Total RAM: 2811 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:23:01, on 19.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal
Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\trend micro\Roko68.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 5r4792s46s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=co ... 043295&ir=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" (file missing)
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\browse~1\sprote~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11440 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2120
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\PLFSetI.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
atieclxx
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\PLFSetI.exe"
"C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5644.95e6c00.1372352559 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5644 "\\.\pipe\gecko-crash-server-pipe.5644" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --proxy-stub-channel=Flash3308.68E3D910.23258 --host-broker-channel=Flash3308.68E3D910.18657 --host-pid=3308 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --channel=3252.0018F368.1175686617 --proxy-stub-channel=Flash3308.68E3D910.23258 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe44_ Global\UsGthrCtrlFltPipeMssGthrPipe44 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
atieclxx
"taskhost.exe"
C:\Windows\system32\userinit.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\PLFSetI.exe"
"C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Roko68\Documents\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Registry Winner Schedule.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - ""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\
djziggy@gmail.com
{2458abc0-f443-11dd-87af-0800200c9a66}
{5b35cb30-16b4-11de-8c30-0800200c9a66}
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\searchplugins\
askcom.xml
conduit.xml
funmoods.xml
Mysearchdial.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner64.dll [2010-07-15 750064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-07-15 346736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-07-15 318960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41545534-0076-A76A-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll [2013-06-06 13480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-24 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner.dll [2010-07-15 433648]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-15 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-07-15 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-07-15 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-24 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-07-15 346736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-15 256112]
{41545534-0076-A76A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll [2013-06-06 13480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-06-09 206208]
"Acer ePower Management"=C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [2010-06-11 861216]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-06-22 968272]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-21 98304]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-06-06 1495712]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-07-19 22:18:34 ----D---- C:\rsit
2013-07-19 22:18:34 ----D---- C:\Program Files\trend micro
2013-07-19 11:11:35 ----D---- C:\Program Files\Yamicsoft
2013-07-18 22:10:03 ----D---- C:\ProgramData\VSO
2013-07-16 20:35:44 ----D---- C:\Windows\system32\MRT
2013-07-10 22:03:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-10 22:03:41 ----A---- C:\Windows\system32\ieui.dll
2013-07-10 22:03:39 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-10 22:03:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-10 22:03:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-10 22:03:39 ----A---- C:\Windows\system32\iesetup.dll
2013-07-10 22:03:39 ----A---- C:\Windows\system32\iernonce.dll
2013-07-10 22:03:39 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-10 22:03:38 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-10 22:03:38 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-10 22:03:38 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 22:03:38 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-10 22:03:38 ----A---- C:\Windows\system32\iertutil.dll
2013-07-10 22:03:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-10 22:03:37 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-10 22:03:36 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-10 22:03:36 ----A---- C:\Windows\system32\jscript.dll
2013-07-10 22:03:35 ----A---- C:\Windows\system32\jscript9.dll
2013-07-10 22:03:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-10 22:03:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-10 22:03:33 ----A---- C:\Windows\system32\urlmon.dll
2013-07-10 22:03:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-10 22:03:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-10 22:03:31 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-10 22:03:30 ----A---- C:\Windows\system32\wininet.dll
2013-07-10 22:03:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-10 22:03:28 ----A---- C:\Windows\system32\ieframe.dll
2013-07-10 22:03:27 ----A---- C:\Windows\system32\mshtml.dll
2013-07-10 22:03:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-10 16:28:11 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-10 16:28:11 ----A---- C:\Windows\system32\qedit.dll
2013-07-10 16:28:09 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-10 16:28:08 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-10 16:26:34 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 16:23:07 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-10 16:23:07 ----A---- C:\Windows\system32\DWrite.dll
2013-07-07 00:37:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-05 22:30:51 ----D---- C:\ProgramData\Particles
2013-07-05 22:30:45 ----D---- C:\Users\Roko68\AppData\Roaming\AtlanticJourney
2013-07-05 22:29:43 ----D---- C:\ProgramData\AlawarWrapper
2013-07-04 13:56:18 ----D---- C:\ProgramData\Meridian93
2013-07-04 13:49:29 ----D---- C:\Users\Roko68\AppData\Roaming\Meridian93
2013-06-29 12:59:44 ----D---- C:\Users\Roko68\AppData\Roaming\mysearchdial
2013-06-29 12:59:20 ----D---- C:\ProgramData\Tarma Installer
2013-06-29 12:40:03 ----D---- C:\Users\Roko68\AppData\Roaming\Uniblue
2013-06-24 07:19:20 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-06-24 07:19:11 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-06-24 07:19:11 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-06-24 07:19:11 ----A---- C:\Windows\SYSWOW64\java.exe
2013-06-24 07:17:52 ----D---- C:\Program Files (x86)\Java
======List of files/folders modified in the last 1 month======
2013-07-19 22:22:52 ----D---- C:\Windows\Prefetch
2013-07-19 22:18:34 ----RD---- C:\Program Files
2013-07-19 22:18:01 ----D---- C:\Windows\Temp
2013-07-19 22:16:41 ----D---- C:\Users\Roko68\AppData\Roaming\uTorrent
2013-07-19 16:01:49 ----D---- C:\Windows\System32
2013-07-19 16:01:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-19 14:44:55 ----D---- C:\Windows\system32\config
2013-07-19 14:12:25 ----SHD---- C:\System Volume Information
2013-07-19 11:49:47 ----SHD---- C:\Windows\Installer
2013-07-19 11:49:39 ----D---- C:\Windows
2013-07-19 10:19:10 ----D---- C:\Users\Roko68\AppData\Roaming\Vso
2013-07-18 23:36:08 ----D---- C:\Windows\system32\catroot2
2013-07-18 22:27:40 ----A---- C:\Users\Roko68\AppData\Roaming\inst.exe
2013-07-18 22:10:03 ----HD---- C:\ProgramData
2013-07-17 20:44:38 ----D---- C:\Windows\Microsoft.NET
2013-07-17 20:44:17 ----RSD---- C:\Windows\assembly
2013-07-17 20:19:10 ----D---- C:\Windows\system32\wdi
2013-07-16 23:24:16 ----D---- C:\Windows\system32\catroot
2013-07-16 20:50:42 ----D---- C:\Windows\winsxs
2013-07-16 20:39:58 ----D---- C:\Program Files\Microsoft Security Client
2013-07-16 20:39:38 ----D---- C:\Windows\system32\drivers
2013-07-16 20:39:36 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-07-16 20:35:43 ----D---- C:\Windows\debug
2013-07-14 15:18:44 ----D---- C:\Windows\inf
2013-07-13 18:53:15 ----D---- C:\ProgramData\vsosdk
2013-07-11 22:42:37 ----D---- C:\Users\Roko68\AppData\Roaming\Wise Disk Cleaner
2013-07-11 22:04:18 ----SD---- C:\ProgramData\Microsoft
2013-07-11 22:03:52 ----SD---- C:\Users\Roko68\AppData\Roaming\Microsoft
2013-07-11 14:54:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-11 14:35:35 ----D---- C:\Windows\Panther
2013-07-11 14:34:24 ----D---- C:\Windows\SysWOW64
2013-07-11 14:34:24 ----D---- C:\Program Files\Windows Defender
2013-07-11 14:34:24 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-11 14:34:23 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-11 14:34:21 ----D---- C:\Program Files\Internet Explorer
2013-07-11 14:34:18 ----D---- C:\Program Files\Windows Journal
2013-07-11 14:34:11 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-11 14:34:10 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-10 22:05:21 ----D---- C:\ProgramData\Microsoft Help
2013-07-08 15:18:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-07 00:39:02 ----RD---- C:\Program Files (x86)
2013-07-06 13:20:34 ----D---- C:\Windows\Tasks
2013-07-06 13:20:34 ----D---- C:\Windows\system32\wfp
2013-07-06 13:20:30 ----D---- C:\Windows\system32\wbem
2013-07-06 13:19:21 ----D---- C:\Windows\system32\DriverStore
2013-07-06 13:19:20 ----D---- C:\Windows\system32\drivers\UMDF
2013-07-06 13:19:20 ----D---- C:\Windows\AppCompat
2013-07-06 13:19:20 ----D---- C:\Users\Roko68\AppData\Roaming\PhotoFiltre Studio X
2013-07-06 13:19:19 ----D---- C:\Program Files (x86)\uTorrent
2013-07-06 13:19:12 ----D---- C:\Windows\registration
2013-06-29 13:26:34 ----D---- C:\Windows\Logs
2013-06-29 12:59:50 ----D---- C:\Windows\system32\Tasks
2013-06-24 07:18:15 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-06-24 07:18:14 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-06-24 00:57:12 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-21 188928]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-11 2229608]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-14 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2013-03-23 82816]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-21 202752]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-06-06 169640]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [2010-06-11 868896]
R2 GREGService;GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [2010-01-08 23584]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 Updater Service;Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2010-01-29 243232]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-11 257416]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-15 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe [2010-04-04 246520]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-07-15 182768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-07 117144]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [2010-07-15 332272]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-23 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu.
Zdravim 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Prohledat
- Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Windows 7 Home Premium x64
Ran by Roko68 on so 20.07.2013 at 10:49:13,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\kt_bho_dll.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{31e3bc75-2a09-4cff-9c92-8d0ed8d1dc0f}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{e2343056-cc08-46ac-b898-bfc7acf4e755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.mysearchdialesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.mysearchdialesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\kt_bho.kettlebho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\kt_bho.kettlebho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D9D3D7E6-86F2-43BF-A1D7-81BC992BCEF1}
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Failed to delete: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\Roko68\AppData\Roaming\systweak"
Failed to delete: [Folder] "C:\Program Files (x86)\askpartnernetwork"
~~~ FireFox
Successfully deleted: [File] C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\user.js
Successfully deleted: [File] C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\searchplugins\funmoods.xml
Successfully deleted: [Folder] C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\jetpack
Successfully deleted the following from C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\prefs.js
user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("extensions.503e40bd12f44.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,sear
user_pref("extensions.5171713c24f07.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\minidumps [116 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 20.07.2013 at 10:57:26,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v2.306 - Log vytvooen 20/07/2013 v 10:58:48
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Roko68 - ROKO68-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Roko68\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
Nalezeno : APNMCP
Nalezeno : Partner Service
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\AskPartnerNetwork
Složka Nalezeno : C:\ProgramData\AskPartnerNetwork
Složka Nalezeno : C:\ProgramData\Berowsye2soavve
Složka Nalezeno : C:\Users\Míša\AppData\Local\Temp\APN
Složka Nalezeno : C:\Users\Roko68\AppData\Local\Google\Chrome\User Data\Default\Extensions\knhjbhepbmdhnhdncglmmljljomlkokk
Složka Nalezeno : C:\Users\Roko68\AppData\Local\PutLockerDownloader
Složka Nalezeno : C:\Users\Roko68\AppData\Local\Temp\APN
Složka Nalezeno : C:\Users\Roko68\AppData\Roaming\Mysearchdial
Složka Nalezeno : C:\Users\Veronika\AppData\Local\Temp\APN
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\Askcom.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\ask-search.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-1.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-10.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-2.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-3.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-4.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-5.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-6.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-7.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-8.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-9.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\search.xml
Soubor Nalezeno : C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\searchplugins\Mysearchdial.xml
Soubor Nalezeno : C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\119ey2s2.default\searchplugins\Mysearchdial.xml
***** [Registry] *****
Klíe Nalezeno : HKCU\Software\AskPartnerNetwork
Klíe Nalezeno : HKCU\Software\InstallCore
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKCU\Software\mysearchdial
Klíe Nalezeno : HKCU\Software\mysearchdial.com
Klíe Nalezeno : HKLM\Software\AskPartnerNetwork
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Klíe Nalezeno : HKLM\Software\InstallCore
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKLM\SOFTWARE\Tarma Installer
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir=
-\\ Mozilla Firefox v22.0 (cs)
Soubor : C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("browser.search.defaultenginename", "Mysearchdial");
Nalezeno : user_pref("browser.search.order.1", "Mysearchdial");
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("extensions.ffxtlbr@mysearchdial.com.install-event-fired", true);
Nalezeno : user_pref("extensions.mysearchdial.aflt", "coolmsd");
Nalezeno : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Nalezeno : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0Cy[...]
Nalezeno : user_pref("extensions.mysearchdial.cr", "789043295");
Nalezeno : user_pref("extensions.mysearchdial.dfltLng", "");
Nalezeno : user_pref("extensions.mysearchdial.dfltSrch", true);
Nalezeno : user_pref("extensions.mysearchdial.dnsErr", true);
Nalezeno : user_pref("extensions.mysearchdial.excTlbr", false);
Nalezeno : user_pref("extensions.mysearchdial.hmpg", true);
Nalezeno : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyE[...]
Nalezeno : user_pref("extensions.mysearchdial.id", "88AE1D710BBB14B5");
Nalezeno : user_pref("extensions.mysearchdial.instlDay", "15885");
Nalezeno : user_pref("extensions.mysearchdial.instlRef", "");
Nalezeno : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2Xzu[...]
Nalezeno : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.tlbrId", "base");
Nalezeno : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=coolmsd&cd=2X[...]
Nalezeno : user_pref("extensions.mysearchdial.vrsn", "");
Nalezeno : user_pref("extensions.mysearchdial.vrsni", "");
Nalezeno : user_pref("extensions.mysearchdial_i.hmpg", true);
Nalezeno : user_pref("extensions.mysearchdial_i.newTab", false);
Nalezeno : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Nalezeno : user_pref("extensions.mysearchdial_i.vrsnTs", "12:59:39");
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Soubor : C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\119ey2s2.default\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("browser.search.defaultenginename", "Mysearchdial");
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("extensions.mysearchdial.aflt", "coolmsd");
Nalezeno : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Nalezeno : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0Cy[...]
Nalezeno : user_pref("extensions.mysearchdial.cr", "789043295");
Nalezeno : user_pref("extensions.mysearchdial.dfltLng", "");
Nalezeno : user_pref("extensions.mysearchdial.dfltSrch", true);
Nalezeno : user_pref("extensions.mysearchdial.dnsErr", true);
Nalezeno : user_pref("extensions.mysearchdial.excTlbr", false);
Nalezeno : user_pref("extensions.mysearchdial.hmpg", true);
Nalezeno : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyE[...]
Nalezeno : user_pref("extensions.mysearchdial.id", "88AE1D710BBB14B5");
Nalezeno : user_pref("extensions.mysearchdial.instlDay", "15885");
Nalezeno : user_pref("extensions.mysearchdial.instlRef", "");
Nalezeno : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2Xzu[...]
Nalezeno : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.tlbrId", "base");
Nalezeno : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=coolmsd&cd=2X[...]
Nalezeno : user_pref("extensions.mysearchdial.vrsn", "");
Nalezeno : user_pref("extensions.mysearchdial.vrsni", "");
Nalezeno : user_pref("extensions.mysearchdial_i.hmpg", true);
Nalezeno : user_pref("extensions.mysearchdial_i.newTab", false);
Nalezeno : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Nalezeno : user_pref("extensions.mysearchdial_i.vrsnTs", "12:59:39");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "");
Soubor : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Nalezeno : user_pref("extensions.asktb.abar-war-timeout", "4000");
Nalezeno : user_pref("extensions.asktb.cbid", "T8");
Nalezeno : user_pref("extensions.asktb.config-updated", false);
Nalezeno : user_pref("extensions.asktb.crumb", "2011.08.02+06.44.46-toolbar005iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Nalezeno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Nalezeno : user_pref("extensions.asktb.dtid", "YYYYYYYYCZ");
Nalezeno : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Nalezeno : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Nalezeno : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Nalezeno : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://www.webhledani.cz/results.aspx?i=42&tp[...]
Nalezeno : user_pref("extensions.asktb.fresh-install", false);
Nalezeno : user_pref("extensions.asktb.guid", "1164c178-ee7f-4e1a-a041-68acc1cb9f38");
Nalezeno : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Nalezeno : user_pref("extensions.asktb.if", "first");
Nalezeno : user_pref("extensions.asktb.l", "dis");
Nalezeno : user_pref("extensions.asktb.last-config-req", "1312294024490");
Nalezeno : user_pref("extensions.asktb.locale", "en_EU");
Nalezeno : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Nalezeno : user_pref("extensions.asktb.new-tab-enabled", true);
Nalezeno : user_pref("extensions.asktb.o", "14670");
Nalezeno : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Nalezeno : user_pref("extensions.asktb.qsrc", "2871");
Nalezeno : user_pref("extensions.asktb.r", "2");
Nalezeno : user_pref("extensions.asktb.sa", "YES");
Nalezeno : user_pref("extensions.asktb.saguid", "DA3F602D-9276-4019-B5EE-8911C5BD6695");
Nalezeno : user_pref("extensions.asktb.search-suggestions-enabled", true);
Nalezeno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Nalezeno : user_pref("extensions.asktb.socialmini-first", true);
Nalezeno : user_pref("extensions.asktb.socialmini-interval", "1200000");
Nalezeno : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Nalezeno : user_pref("extensions.asktb.socialmini-max-items", "30");
Nalezeno : user_pref("extensions.asktb.socialmini-native-on", true);
Nalezeno : user_pref("extensions.asktb.socialmini-speed", "5000");
Nalezeno : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Nalezeno : user_pref("extensions.asktb.themeid", "");
Nalezeno : user_pref("extensions.asktb.to", "");
Nalezeno : user_pref("extensions.asktb.version", "5.12.5.17640");
Nalezeno : user_pref("icqtoolbar.allowSendURL", false);
Nalezeno : user_pref("icqtoolbar.engineVerified", false);
Nalezeno : user_pref("icqtoolbar.geolastmodified", 1361027346);
Nalezeno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Nalezeno : user_pref("icqtoolbar.history", "samsung%20s5230%20star%20kryt%20baterie%20lafleur||kryt%20na%20sams[...]
Nalezeno : user_pref("icqtoolbar.hpChange", true);
Nalezeno : user_pref("icqtoolbar.icqgeo", 42);
Nalezeno : user_pref("icqtoolbar.installTime", "1334141750");
Nalezeno : user_pref("icqtoolbar.installsource", "1");
Nalezeno : user_pref("icqtoolbar.itbsitescount", 0);
Nalezeno : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Nalezeno : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Nalezeno : user_pref("icqtoolbar.newtab_state", "1");
Nalezeno : user_pref("icqtoolbar.numberOfSearches", 0);
Nalezeno : user_pref("icqtoolbar.previousFFVersion", "18.0.2");
Nalezeno : user_pref("icqtoolbar.skip_default_search", "no");
Nalezeno : user_pref("icqtoolbar.suggestions", false);
Nalezeno : user_pref("icqtoolbar.uniqueID", "150760933510728310961268550952085");
Nalezeno : user_pref("icqtoolbar.usageStatstTimestamp", 1361027348);
Nalezeno : user_pref("icqtoolbar.userHpApproved", true);
Nalezeno : user_pref("icqtoolbar.version", "1.4.7");
Nalezeno : user_pref("icqtoolbar.voucherHideClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherWasShown", 0);
Nalezeno : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Nalezeno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Nalezeno : user_pref("icqtoolbar.xmlLanguage", "cs");
Nalezeno : user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/bigse ... 8-2195-3E8[...]
Nalezeno : user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/bigseekpro/{003ECD78 ... 5-43D65C81[...]
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v [Nemohu získat verzi]
Soubor : C:\Users\Roko68\AppData\Local\Google\Chrome\User Data\Default\Preferences
Nalezeno [l.3] : urls_to_restore_on_startup = [ "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir=" ],
Nalezeno [l.98] : homepage = "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir="
*************************
AdwCleaner[R1].txt - [17693 octets] - [20/07/2013 10:58:48]
########## EOF - C:\AdwCleaner[R1].txt - [17754 octets] ##########
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Windows 7 Home Premium x64
Ran by Roko68 on so 20.07.2013 at 10:49:13,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\kt_bho_dll.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{31e3bc75-2a09-4cff-9c92-8d0ed8d1dc0f}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{e2343056-cc08-46ac-b898-bfc7acf4e755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.mysearchdialesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.mysearchdialesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\kt_bho.kettlebho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\kt_bho.kettlebho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D9D3D7E6-86F2-43BF-A1D7-81BC992BCEF1}
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Failed to delete: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\Roko68\AppData\Roaming\systweak"
Failed to delete: [Folder] "C:\Program Files (x86)\askpartnernetwork"
~~~ FireFox
Successfully deleted: [File] C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\user.js
Successfully deleted: [File] C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\searchplugins\funmoods.xml
Successfully deleted: [Folder] C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\jetpack
Successfully deleted the following from C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\prefs.js
user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("extensions.503e40bd12f44.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,sear
user_pref("extensions.5171713c24f07.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\Roko68\AppData\Roaming\mozilla\firefox\profiles\wpcir2kh.default\minidumps [116 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 20.07.2013 at 10:57:26,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v2.306 - Log vytvooen 20/07/2013 v 10:58:48
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Roko68 - ROKO68-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Roko68\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
Nalezeno : APNMCP
Nalezeno : Partner Service
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\AskPartnerNetwork
Složka Nalezeno : C:\ProgramData\AskPartnerNetwork
Složka Nalezeno : C:\ProgramData\Berowsye2soavve
Složka Nalezeno : C:\Users\Míša\AppData\Local\Temp\APN
Složka Nalezeno : C:\Users\Roko68\AppData\Local\Google\Chrome\User Data\Default\Extensions\knhjbhepbmdhnhdncglmmljljomlkokk
Složka Nalezeno : C:\Users\Roko68\AppData\Local\PutLockerDownloader
Složka Nalezeno : C:\Users\Roko68\AppData\Local\Temp\APN
Složka Nalezeno : C:\Users\Roko68\AppData\Roaming\Mysearchdial
Složka Nalezeno : C:\Users\Veronika\AppData\Local\Temp\APN
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\Askcom.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\ask-search.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-1.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-10.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-2.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-3.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-4.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-5.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-6.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-7.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-8.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-9.xml
Soubor Nalezeno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\search.xml
Soubor Nalezeno : C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\searchplugins\Mysearchdial.xml
Soubor Nalezeno : C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\119ey2s2.default\searchplugins\Mysearchdial.xml
***** [Registry] *****
Klíe Nalezeno : HKCU\Software\AskPartnerNetwork
Klíe Nalezeno : HKCU\Software\InstallCore
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKCU\Software\mysearchdial
Klíe Nalezeno : HKCU\Software\mysearchdial.com
Klíe Nalezeno : HKLM\Software\AskPartnerNetwork
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Klíe Nalezeno : HKLM\Software\InstallCore
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Nalezeno : HKLM\SOFTWARE\Tarma Installer
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir=
-\\ Mozilla Firefox v22.0 (cs)
Soubor : C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("browser.search.defaultenginename", "Mysearchdial");
Nalezeno : user_pref("browser.search.order.1", "Mysearchdial");
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("extensions.ffxtlbr@mysearchdial.com.install-event-fired", true);
Nalezeno : user_pref("extensions.mysearchdial.aflt", "coolmsd");
Nalezeno : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Nalezeno : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0Cy[...]
Nalezeno : user_pref("extensions.mysearchdial.cr", "789043295");
Nalezeno : user_pref("extensions.mysearchdial.dfltLng", "");
Nalezeno : user_pref("extensions.mysearchdial.dfltSrch", true);
Nalezeno : user_pref("extensions.mysearchdial.dnsErr", true);
Nalezeno : user_pref("extensions.mysearchdial.excTlbr", false);
Nalezeno : user_pref("extensions.mysearchdial.hmpg", true);
Nalezeno : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyE[...]
Nalezeno : user_pref("extensions.mysearchdial.id", "88AE1D710BBB14B5");
Nalezeno : user_pref("extensions.mysearchdial.instlDay", "15885");
Nalezeno : user_pref("extensions.mysearchdial.instlRef", "");
Nalezeno : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2Xzu[...]
Nalezeno : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.tlbrId", "base");
Nalezeno : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=coolmsd&cd=2X[...]
Nalezeno : user_pref("extensions.mysearchdial.vrsn", "");
Nalezeno : user_pref("extensions.mysearchdial.vrsni", "");
Nalezeno : user_pref("extensions.mysearchdial_i.hmpg", true);
Nalezeno : user_pref("extensions.mysearchdial_i.newTab", false);
Nalezeno : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Nalezeno : user_pref("extensions.mysearchdial_i.vrsnTs", "12:59:39");
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Soubor : C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\119ey2s2.default\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("browser.search.defaultenginename", "Mysearchdial");
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("extensions.mysearchdial.aflt", "coolmsd");
Nalezeno : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Nalezeno : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0Cy[...]
Nalezeno : user_pref("extensions.mysearchdial.cr", "789043295");
Nalezeno : user_pref("extensions.mysearchdial.dfltLng", "");
Nalezeno : user_pref("extensions.mysearchdial.dfltSrch", true);
Nalezeno : user_pref("extensions.mysearchdial.dnsErr", true);
Nalezeno : user_pref("extensions.mysearchdial.excTlbr", false);
Nalezeno : user_pref("extensions.mysearchdial.hmpg", true);
Nalezeno : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyE[...]
Nalezeno : user_pref("extensions.mysearchdial.id", "88AE1D710BBB14B5");
Nalezeno : user_pref("extensions.mysearchdial.instlDay", "15885");
Nalezeno : user_pref("extensions.mysearchdial.instlRef", "");
Nalezeno : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2Xzu[...]
Nalezeno : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Nalezeno : user_pref("extensions.mysearchdial.tlbrId", "base");
Nalezeno : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=coolmsd&cd=2X[...]
Nalezeno : user_pref("extensions.mysearchdial.vrsn", "");
Nalezeno : user_pref("extensions.mysearchdial.vrsni", "");
Nalezeno : user_pref("extensions.mysearchdial_i.hmpg", true);
Nalezeno : user_pref("extensions.mysearchdial_i.newTab", false);
Nalezeno : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Nalezeno : user_pref("extensions.mysearchdial_i.vrsnTs", "12:59:39");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "");
Soubor : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Nalezeno : user_pref("extensions.asktb.abar-war-timeout", "4000");
Nalezeno : user_pref("extensions.asktb.cbid", "T8");
Nalezeno : user_pref("extensions.asktb.config-updated", false);
Nalezeno : user_pref("extensions.asktb.crumb", "2011.08.02+06.44.46-toolbar005iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Nalezeno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Nalezeno : user_pref("extensions.asktb.dtid", "YYYYYYYYCZ");
Nalezeno : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Nalezeno : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Nalezeno : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Nalezeno : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://www.webhledani.cz/results.aspx?i=42&tp[...]
Nalezeno : user_pref("extensions.asktb.fresh-install", false);
Nalezeno : user_pref("extensions.asktb.guid", "1164c178-ee7f-4e1a-a041-68acc1cb9f38");
Nalezeno : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Nalezeno : user_pref("extensions.asktb.if", "first");
Nalezeno : user_pref("extensions.asktb.l", "dis");
Nalezeno : user_pref("extensions.asktb.last-config-req", "1312294024490");
Nalezeno : user_pref("extensions.asktb.locale", "en_EU");
Nalezeno : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Nalezeno : user_pref("extensions.asktb.new-tab-enabled", true);
Nalezeno : user_pref("extensions.asktb.o", "14670");
Nalezeno : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Nalezeno : user_pref("extensions.asktb.qsrc", "2871");
Nalezeno : user_pref("extensions.asktb.r", "2");
Nalezeno : user_pref("extensions.asktb.sa", "YES");
Nalezeno : user_pref("extensions.asktb.saguid", "DA3F602D-9276-4019-B5EE-8911C5BD6695");
Nalezeno : user_pref("extensions.asktb.search-suggestions-enabled", true);
Nalezeno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Nalezeno : user_pref("extensions.asktb.socialmini-first", true);
Nalezeno : user_pref("extensions.asktb.socialmini-interval", "1200000");
Nalezeno : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Nalezeno : user_pref("extensions.asktb.socialmini-max-items", "30");
Nalezeno : user_pref("extensions.asktb.socialmini-native-on", true);
Nalezeno : user_pref("extensions.asktb.socialmini-speed", "5000");
Nalezeno : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Nalezeno : user_pref("extensions.asktb.themeid", "");
Nalezeno : user_pref("extensions.asktb.to", "");
Nalezeno : user_pref("extensions.asktb.version", "5.12.5.17640");
Nalezeno : user_pref("icqtoolbar.allowSendURL", false);
Nalezeno : user_pref("icqtoolbar.engineVerified", false);
Nalezeno : user_pref("icqtoolbar.geolastmodified", 1361027346);
Nalezeno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Nalezeno : user_pref("icqtoolbar.history", "samsung%20s5230%20star%20kryt%20baterie%20lafleur||kryt%20na%20sams[...]
Nalezeno : user_pref("icqtoolbar.hpChange", true);
Nalezeno : user_pref("icqtoolbar.icqgeo", 42);
Nalezeno : user_pref("icqtoolbar.installTime", "1334141750");
Nalezeno : user_pref("icqtoolbar.installsource", "1");
Nalezeno : user_pref("icqtoolbar.itbsitescount", 0);
Nalezeno : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Nalezeno : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Nalezeno : user_pref("icqtoolbar.newtab_state", "1");
Nalezeno : user_pref("icqtoolbar.numberOfSearches", 0);
Nalezeno : user_pref("icqtoolbar.previousFFVersion", "18.0.2");
Nalezeno : user_pref("icqtoolbar.skip_default_search", "no");
Nalezeno : user_pref("icqtoolbar.suggestions", false);
Nalezeno : user_pref("icqtoolbar.uniqueID", "150760933510728310961268550952085");
Nalezeno : user_pref("icqtoolbar.usageStatstTimestamp", 1361027348);
Nalezeno : user_pref("icqtoolbar.userHpApproved", true);
Nalezeno : user_pref("icqtoolbar.version", "1.4.7");
Nalezeno : user_pref("icqtoolbar.voucherHideClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherWasShown", 0);
Nalezeno : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Nalezeno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Nalezeno : user_pref("icqtoolbar.xmlLanguage", "cs");
Nalezeno : user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/bigse ... 8-2195-3E8[...]
Nalezeno : user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/bigseekpro/{003ECD78 ... 5-43D65C81[...]
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v [Nemohu získat verzi]
Soubor : C:\Users\Roko68\AppData\Local\Google\Chrome\User Data\Default\Preferences
Nalezeno [l.3] : urls_to_restore_on_startup = [ "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir=" ],
Nalezeno [l.98] : homepage = "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir="
*************************
AdwCleaner[R1].txt - [17693 octets] - [20/07/2013 10:58:48]
########## EOF - C:\AdwCleaner[R1].txt - [17754 octets] ##########
Re: Prosím o kontrolu logu.
Spustte znovu AdwCleaner
- Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Smazat
- PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu.
# AdwCleaner v2.306 - Log vytvooen 20/07/2013 v 11:07:50
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Roko68 - ROKO68-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Roko68\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
Zastaveno & vymazáno : APNMCP
Zastaveno & vymazáno : Partner Service
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files (x86)\AskPartnerNetwork
Složka Vymazáno : C:\ProgramData\AskPartnerNetwork
Složka Vymazáno : C:\ProgramData\Berowsye2soavve
Složka Vymazáno : C:\Users\Míša\AppData\Local\Temp\APN
Složka Vymazáno : C:\Users\Roko68\AppData\Local\Google\Chrome\User Data\Default\Extensions\knhjbhepbmdhnhdncglmmljljomlkokk
Složka Vymazáno : C:\Users\Roko68\AppData\Local\PutLockerDownloader
Složka Vymazáno : C:\Users\Roko68\AppData\Local\Temp\APN
Složka Vymazáno : C:\Users\Roko68\AppData\Roaming\Mysearchdial
Složka Vymazáno : C:\Users\Veronika\AppData\Local\Temp\APN
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\Askcom.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\ask-search.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-1.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-10.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-2.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-3.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-4.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-5.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-6.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-7.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-8.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-9.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\search.xml
Soubor Vymazáno : C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\searchplugins\Mysearchdial.xml
Soubor Vymazáno : C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\119ey2s2.default\searchplugins\Mysearchdial.xml
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\AskPartnerNetwork
Klíe Vymazáno : HKCU\Software\InstallCore
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKCU\Software\mysearchdial
Klíe Vymazáno : HKCU\Software\mysearchdial.com
Klíe Vymazáno : HKLM\Software\AskPartnerNetwork
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Klíe Vymazáno : HKLM\Software\InstallCore
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKLM\SOFTWARE\Tarma Installer
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir= --> hxxp://www.google.com
-\\ Mozilla Firefox v22.0 (cs)
Soubor : C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\prefs.js
Vymazáno : user_pref("aol_toolbar.default.homepage.check", false);
Vymazáno : user_pref("aol_toolbar.default.search.check", false);
Vymazáno : user_pref("browser.search.defaultenginename", "Mysearchdial");
Vymazáno : user_pref("browser.search.order.1", "Mysearchdial");
Vymazáno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Vymazáno : user_pref("extensions.ffxtlbr@mysearchdial.com.install-event-fired", true);
Vymazáno : user_pref("extensions.mysearchdial.aflt", "coolmsd");
Vymazáno : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Vymazáno : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0Cy[...]
Vymazáno : user_pref("extensions.mysearchdial.cr", "789043295");
Vymazáno : user_pref("extensions.mysearchdial.dfltLng", "");
Vymazáno : user_pref("extensions.mysearchdial.dfltSrch", true);
Vymazáno : user_pref("extensions.mysearchdial.dnsErr", true);
Vymazáno : user_pref("extensions.mysearchdial.excTlbr", false);
Vymazáno : user_pref("extensions.mysearchdial.hmpg", true);
Vymazáno : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyE[...]
Vymazáno : user_pref("extensions.mysearchdial.id", "88AE1D710BBB14B5");
Vymazáno : user_pref("extensions.mysearchdial.instlDay", "15885");
Vymazáno : user_pref("extensions.mysearchdial.instlRef", "");
Vymazáno : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2Xzu[...]
Vymazáno : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.tlbrId", "base");
Vymazáno : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=coolmsd&cd=2X[...]
Vymazáno : user_pref("extensions.mysearchdial.vrsn", "");
Vymazáno : user_pref("extensions.mysearchdial.vrsni", "");
Vymazáno : user_pref("extensions.mysearchdial_i.hmpg", true);
Vymazáno : user_pref("extensions.mysearchdial_i.newTab", false);
Vymazáno : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Vymazáno : user_pref("extensions.mysearchdial_i.vrsnTs", "12:59:39");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "");
Soubor : C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\119ey2s2.default\prefs.js
C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\119ey2s2.default\user.js ... Vymazáno !
Vymazáno : user_pref("aol_toolbar.default.homepage.check", false);
Vymazáno : user_pref("aol_toolbar.default.search.check", false);
Vymazáno : user_pref("browser.search.defaultenginename", "Mysearchdial");
Vymazáno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Vymazáno : user_pref("extensions.mysearchdial.aflt", "coolmsd");
Vymazáno : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Vymazáno : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0Cy[...]
Vymazáno : user_pref("extensions.mysearchdial.cr", "789043295");
Vymazáno : user_pref("extensions.mysearchdial.dfltLng", "");
Vymazáno : user_pref("extensions.mysearchdial.dfltSrch", true);
Vymazáno : user_pref("extensions.mysearchdial.dnsErr", true);
Vymazáno : user_pref("extensions.mysearchdial.excTlbr", false);
Vymazáno : user_pref("extensions.mysearchdial.hmpg", true);
Vymazáno : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyE[...]
Vymazáno : user_pref("extensions.mysearchdial.id", "88AE1D710BBB14B5");
Vymazáno : user_pref("extensions.mysearchdial.instlDay", "15885");
Vymazáno : user_pref("extensions.mysearchdial.instlRef", "");
Vymazáno : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2Xzu[...]
Vymazáno : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.tlbrId", "base");
Vymazáno : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=coolmsd&cd=2X[...]
Vymazáno : user_pref("extensions.mysearchdial.vrsn", "");
Vymazáno : user_pref("extensions.mysearchdial.vrsni", "");
Vymazáno : user_pref("extensions.mysearchdial_i.hmpg", true);
Vymazáno : user_pref("extensions.mysearchdial_i.newTab", false);
Vymazáno : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Vymazáno : user_pref("extensions.mysearchdial_i.vrsnTs", "12:59:39");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "");
Soubor : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\prefs.js
Vymazáno : user_pref("aol_toolbar.default.homepage.check", false);
Vymazáno : user_pref("aol_toolbar.default.search.check", false);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Vymazáno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Vymazáno : user_pref("extensions.asktb.abar-war-timeout", "4000");
Vymazáno : user_pref("extensions.asktb.cbid", "T8");
Vymazáno : user_pref("extensions.asktb.config-updated", false);
Vymazáno : user_pref("extensions.asktb.crumb", "2011.08.02+06.44.46-toolbar005iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Vymazáno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Vymazáno : user_pref("extensions.asktb.dtid", "YYYYYYYYCZ");
Vymazáno : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Vymazáno : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Vymazáno : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Vymazáno : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://www.webhledani.cz/results.aspx?i=42&tp[...]
Vymazáno : user_pref("extensions.asktb.fresh-install", false);
Vymazáno : user_pref("extensions.asktb.guid", "1164c178-ee7f-4e1a-a041-68acc1cb9f38");
Vymazáno : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Vymazáno : user_pref("extensions.asktb.if", "first");
Vymazáno : user_pref("extensions.asktb.l", "dis");
Vymazáno : user_pref("extensions.asktb.last-config-req", "1312294024490");
Vymazáno : user_pref("extensions.asktb.locale", "en_EU");
Vymazáno : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Vymazáno : user_pref("extensions.asktb.new-tab-enabled", true);
Vymazáno : user_pref("extensions.asktb.o", "14670");
Vymazáno : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Vymazáno : user_pref("extensions.asktb.qsrc", "2871");
Vymazáno : user_pref("extensions.asktb.r", "2");
Vymazáno : user_pref("extensions.asktb.sa", "YES");
Vymazáno : user_pref("extensions.asktb.saguid", "DA3F602D-9276-4019-B5EE-8911C5BD6695");
Vymazáno : user_pref("extensions.asktb.search-suggestions-enabled", true);
Vymazáno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Vymazáno : user_pref("extensions.asktb.socialmini-first", true);
Vymazáno : user_pref("extensions.asktb.socialmini-interval", "1200000");
Vymazáno : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Vymazáno : user_pref("extensions.asktb.socialmini-max-items", "30");
Vymazáno : user_pref("extensions.asktb.socialmini-native-on", true);
Vymazáno : user_pref("extensions.asktb.socialmini-speed", "5000");
Vymazáno : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Vymazáno : user_pref("extensions.asktb.themeid", "");
Vymazáno : user_pref("extensions.asktb.to", "");
Vymazáno : user_pref("extensions.asktb.version", "5.12.5.17640");
Vymazáno : user_pref("icqtoolbar.allowSendURL", false);
Vymazáno : user_pref("icqtoolbar.engineVerified", false);
Vymazáno : user_pref("icqtoolbar.geolastmodified", 1361027346);
Vymazáno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Vymazáno : user_pref("icqtoolbar.history", "samsung%20s5230%20star%20kryt%20baterie%20lafleur||kryt%20na%20sams[...]
Vymazáno : user_pref("icqtoolbar.hpChange", true);
Vymazáno : user_pref("icqtoolbar.icqgeo", 42);
Vymazáno : user_pref("icqtoolbar.installTime", "1334141750");
Vymazáno : user_pref("icqtoolbar.installsource", "1");
Vymazáno : user_pref("icqtoolbar.itbsitescount", 0);
Vymazáno : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Vymazáno : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Vymazáno : user_pref("icqtoolbar.newtab_state", "1");
Vymazáno : user_pref("icqtoolbar.numberOfSearches", 0);
Vymazáno : user_pref("icqtoolbar.previousFFVersion", "18.0.2");
Vymazáno : user_pref("icqtoolbar.skip_default_search", "no");
Vymazáno : user_pref("icqtoolbar.suggestions", false);
Vymazáno : user_pref("icqtoolbar.uniqueID", "150760933510728310961268550952085");
Vymazáno : user_pref("icqtoolbar.usageStatstTimestamp", 1361027348);
Vymazáno : user_pref("icqtoolbar.userHpApproved", true);
Vymazáno : user_pref("icqtoolbar.version", "1.4.7");
Vymazáno : user_pref("icqtoolbar.voucherHideClicks", 0);
Vymazáno : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Vymazáno : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Vymazáno : user_pref("icqtoolbar.voucherWasShown", 0);
Vymazáno : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Vymazáno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Vymazáno : user_pref("icqtoolbar.xmlLanguage", "cs");
Vymazáno : user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/bigse ... 8-2195-3E8[...]
Vymazáno : user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/bigseekpro/{003ECD78 ... 5-43D65C81[...]
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v [Nemohu získat verzi]
Soubor : C:\Users\Roko68\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vymazáno [l.3] : urls_to_restore_on_startup = [ "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L[...]
Vymazáno [l.98] : homepage = "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0[...]
*************************
AdwCleaner[R1].txt - [17814 octets] - [20/07/2013 10:58:48]
AdwCleaner[S1].txt - [17783 octets] - [20/07/2013 11:07:50]
########## EOF - C:\AdwCleaner[S1].txt - [17844 octets] ##########
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Roko68 - ROKO68-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Roko68\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
Zastaveno & vymazáno : APNMCP
Zastaveno & vymazáno : Partner Service
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files (x86)\AskPartnerNetwork
Složka Vymazáno : C:\ProgramData\AskPartnerNetwork
Složka Vymazáno : C:\ProgramData\Berowsye2soavve
Složka Vymazáno : C:\Users\Míša\AppData\Local\Temp\APN
Složka Vymazáno : C:\Users\Roko68\AppData\Local\Google\Chrome\User Data\Default\Extensions\knhjbhepbmdhnhdncglmmljljomlkokk
Složka Vymazáno : C:\Users\Roko68\AppData\Local\PutLockerDownloader
Složka Vymazáno : C:\Users\Roko68\AppData\Local\Temp\APN
Složka Vymazáno : C:\Users\Roko68\AppData\Roaming\Mysearchdial
Složka Vymazáno : C:\Users\Veronika\AppData\Local\Temp\APN
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\Askcom.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\ask-search.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-1.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-10.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-2.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-3.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-4.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-5.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-6.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-7.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-8.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\icqplugin-9.xml
Soubor Vymazáno : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\searchplugins\search.xml
Soubor Vymazáno : C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\searchplugins\Mysearchdial.xml
Soubor Vymazáno : C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\119ey2s2.default\searchplugins\Mysearchdial.xml
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\AskPartnerNetwork
Klíe Vymazáno : HKCU\Software\InstallCore
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKCU\Software\mysearchdial
Klíe Vymazáno : HKCU\Software\mysearchdial.com
Klíe Vymazáno : HKLM\Software\AskPartnerNetwork
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Klíe Vymazáno : HKLM\Software\InstallCore
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Klíe Vymazáno : HKLM\SOFTWARE\Tarma Installer
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir= --> hxxp://www.google.com
-\\ Mozilla Firefox v22.0 (cs)
Soubor : C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\prefs.js
Vymazáno : user_pref("aol_toolbar.default.homepage.check", false);
Vymazáno : user_pref("aol_toolbar.default.search.check", false);
Vymazáno : user_pref("browser.search.defaultenginename", "Mysearchdial");
Vymazáno : user_pref("browser.search.order.1", "Mysearchdial");
Vymazáno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Vymazáno : user_pref("extensions.ffxtlbr@mysearchdial.com.install-event-fired", true);
Vymazáno : user_pref("extensions.mysearchdial.aflt", "coolmsd");
Vymazáno : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Vymazáno : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0Cy[...]
Vymazáno : user_pref("extensions.mysearchdial.cr", "789043295");
Vymazáno : user_pref("extensions.mysearchdial.dfltLng", "");
Vymazáno : user_pref("extensions.mysearchdial.dfltSrch", true);
Vymazáno : user_pref("extensions.mysearchdial.dnsErr", true);
Vymazáno : user_pref("extensions.mysearchdial.excTlbr", false);
Vymazáno : user_pref("extensions.mysearchdial.hmpg", true);
Vymazáno : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyE[...]
Vymazáno : user_pref("extensions.mysearchdial.id", "88AE1D710BBB14B5");
Vymazáno : user_pref("extensions.mysearchdial.instlDay", "15885");
Vymazáno : user_pref("extensions.mysearchdial.instlRef", "");
Vymazáno : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2Xzu[...]
Vymazáno : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.tlbrId", "base");
Vymazáno : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=coolmsd&cd=2X[...]
Vymazáno : user_pref("extensions.mysearchdial.vrsn", "");
Vymazáno : user_pref("extensions.mysearchdial.vrsni", "");
Vymazáno : user_pref("extensions.mysearchdial_i.hmpg", true);
Vymazáno : user_pref("extensions.mysearchdial_i.newTab", false);
Vymazáno : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Vymazáno : user_pref("extensions.mysearchdial_i.vrsnTs", "12:59:39");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "");
Soubor : C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\119ey2s2.default\prefs.js
C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\119ey2s2.default\user.js ... Vymazáno !
Vymazáno : user_pref("aol_toolbar.default.homepage.check", false);
Vymazáno : user_pref("aol_toolbar.default.search.check", false);
Vymazáno : user_pref("browser.search.defaultenginename", "Mysearchdial");
Vymazáno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Vymazáno : user_pref("extensions.mysearchdial.aflt", "coolmsd");
Vymazáno : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Vymazáno : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0Cy[...]
Vymazáno : user_pref("extensions.mysearchdial.cr", "789043295");
Vymazáno : user_pref("extensions.mysearchdial.dfltLng", "");
Vymazáno : user_pref("extensions.mysearchdial.dfltSrch", true);
Vymazáno : user_pref("extensions.mysearchdial.dnsErr", true);
Vymazáno : user_pref("extensions.mysearchdial.excTlbr", false);
Vymazáno : user_pref("extensions.mysearchdial.hmpg", true);
Vymazáno : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyE[...]
Vymazáno : user_pref("extensions.mysearchdial.id", "88AE1D710BBB14B5");
Vymazáno : user_pref("extensions.mysearchdial.instlDay", "15885");
Vymazáno : user_pref("extensions.mysearchdial.instlRef", "");
Vymazáno : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2Xzu[...]
Vymazáno : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Vymazáno : user_pref("extensions.mysearchdial.tlbrId", "base");
Vymazáno : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=coolmsd&cd=2X[...]
Vymazáno : user_pref("extensions.mysearchdial.vrsn", "");
Vymazáno : user_pref("extensions.mysearchdial.vrsni", "");
Vymazáno : user_pref("extensions.mysearchdial_i.hmpg", true);
Vymazáno : user_pref("extensions.mysearchdial_i.newTab", false);
Vymazáno : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Vymazáno : user_pref("extensions.mysearchdial_i.vrsnTs", "12:59:39");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "");
Soubor : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\ru9749eb.default\prefs.js
Vymazáno : user_pref("aol_toolbar.default.homepage.check", false);
Vymazáno : user_pref("aol_toolbar.default.search.check", false);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Vymazáno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Vymazáno : user_pref("extensions.asktb.abar-war-timeout", "4000");
Vymazáno : user_pref("extensions.asktb.cbid", "T8");
Vymazáno : user_pref("extensions.asktb.config-updated", false);
Vymazáno : user_pref("extensions.asktb.crumb", "2011.08.02+06.44.46-toolbar005iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Vymazáno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Vymazáno : user_pref("extensions.asktb.dtid", "YYYYYYYYCZ");
Vymazáno : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Vymazáno : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Vymazáno : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Vymazáno : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://www.webhledani.cz/results.aspx?i=42&tp[...]
Vymazáno : user_pref("extensions.asktb.fresh-install", false);
Vymazáno : user_pref("extensions.asktb.guid", "1164c178-ee7f-4e1a-a041-68acc1cb9f38");
Vymazáno : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Vymazáno : user_pref("extensions.asktb.if", "first");
Vymazáno : user_pref("extensions.asktb.l", "dis");
Vymazáno : user_pref("extensions.asktb.last-config-req", "1312294024490");
Vymazáno : user_pref("extensions.asktb.locale", "en_EU");
Vymazáno : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Vymazáno : user_pref("extensions.asktb.new-tab-enabled", true);
Vymazáno : user_pref("extensions.asktb.o", "14670");
Vymazáno : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Vymazáno : user_pref("extensions.asktb.qsrc", "2871");
Vymazáno : user_pref("extensions.asktb.r", "2");
Vymazáno : user_pref("extensions.asktb.sa", "YES");
Vymazáno : user_pref("extensions.asktb.saguid", "DA3F602D-9276-4019-B5EE-8911C5BD6695");
Vymazáno : user_pref("extensions.asktb.search-suggestions-enabled", true);
Vymazáno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Vymazáno : user_pref("extensions.asktb.socialmini-first", true);
Vymazáno : user_pref("extensions.asktb.socialmini-interval", "1200000");
Vymazáno : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Vymazáno : user_pref("extensions.asktb.socialmini-max-items", "30");
Vymazáno : user_pref("extensions.asktb.socialmini-native-on", true);
Vymazáno : user_pref("extensions.asktb.socialmini-speed", "5000");
Vymazáno : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Vymazáno : user_pref("extensions.asktb.themeid", "");
Vymazáno : user_pref("extensions.asktb.to", "");
Vymazáno : user_pref("extensions.asktb.version", "5.12.5.17640");
Vymazáno : user_pref("icqtoolbar.allowSendURL", false);
Vymazáno : user_pref("icqtoolbar.engineVerified", false);
Vymazáno : user_pref("icqtoolbar.geolastmodified", 1361027346);
Vymazáno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Vymazáno : user_pref("icqtoolbar.history", "samsung%20s5230%20star%20kryt%20baterie%20lafleur||kryt%20na%20sams[...]
Vymazáno : user_pref("icqtoolbar.hpChange", true);
Vymazáno : user_pref("icqtoolbar.icqgeo", 42);
Vymazáno : user_pref("icqtoolbar.installTime", "1334141750");
Vymazáno : user_pref("icqtoolbar.installsource", "1");
Vymazáno : user_pref("icqtoolbar.itbsitescount", 0);
Vymazáno : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Vymazáno : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Vymazáno : user_pref("icqtoolbar.newtab_state", "1");
Vymazáno : user_pref("icqtoolbar.numberOfSearches", 0);
Vymazáno : user_pref("icqtoolbar.previousFFVersion", "18.0.2");
Vymazáno : user_pref("icqtoolbar.skip_default_search", "no");
Vymazáno : user_pref("icqtoolbar.suggestions", false);
Vymazáno : user_pref("icqtoolbar.uniqueID", "150760933510728310961268550952085");
Vymazáno : user_pref("icqtoolbar.usageStatstTimestamp", 1361027348);
Vymazáno : user_pref("icqtoolbar.userHpApproved", true);
Vymazáno : user_pref("icqtoolbar.version", "1.4.7");
Vymazáno : user_pref("icqtoolbar.voucherHideClicks", 0);
Vymazáno : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Vymazáno : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Vymazáno : user_pref("icqtoolbar.voucherWasShown", 0);
Vymazáno : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Vymazáno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Vymazáno : user_pref("icqtoolbar.xmlLanguage", "cs");
Vymazáno : user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/bigse ... 8-2195-3E8[...]
Vymazáno : user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/bigseekpro/{003ECD78 ... 5-43D65C81[...]
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v [Nemohu získat verzi]
Soubor : C:\Users\Roko68\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vymazáno [l.3] : urls_to_restore_on_startup = [ "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L[...]
Vymazáno [l.98] : homepage = "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0[...]
*************************
AdwCleaner[R1].txt - [17814 octets] - [20/07/2013 10:58:48]
AdwCleaner[S1].txt - [17783 octets] - [20/07/2013 11:07:50]
########## EOF - C:\AdwCleaner[S1].txt - [17844 octets] ##########
Re: Prosím o kontrolu logu.
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu.
OTL logfile created on: 20.7.2013 11:32:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roko68\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,75 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 74,71% Memory free
5,49 Gb Paging File | 4,44 Gb Available in Paging File | 80,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 398,88 Gb Free Space | 88,31% Space Free | Partition Type: NTFS
Computer Name: ROKO68-PC | User Name: Roko68 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.07.20 11:29:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Roko68\Desktop\OTL.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.06.22 08:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.06.22 08:34:48 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.06.22 08:34:46 | 000,968,272 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.06.09 19:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
PRC - [2007.06.27 20:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.06.27 20:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
========== Modules (No Company Name) ==========
MOD - [2010.06.09 19:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009.05.20 08:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.06.20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.06.20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.06.11 15:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010.04.21 01:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe -- (Updater Service)
SRV - [2013.07.11 14:54:52 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.07.07 00:37:45 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.07.15 03:31:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.22 08:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.04.04 01:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.06.18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.03.23 19:02:33 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.07.09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010.06.17 11:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.05.14 23:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010.05.11 12:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.04.21 03:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.21 00:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.04.20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010.04.13 12:15:04 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010.01.27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.08.23 11:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{5FD54B10-74CE-CA8F-2033-5BB940CE9D01}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearchdial.com/results.p ... 043295&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://start.mysearchdial.com/results.p ... 043295&ir=
IE - HKLM\..\SearchScopes\{68E6EE39-C250-B958-C3E7-5982E7E77CC3}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ACEW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32 File not found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32 File not found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 5r4792s46s
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://start.mysearchdial.com/results.p ... 043295&ir=
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B35106bca-6c78-48c7-ac28-56df30b51d2a%7D:1.3.9c
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.35
FF - prefs.js..extensions.enabledAddons: %7B5b35cb30-16b4-11de-8c30-0800200c9a66%7D:13.0.05.05.12
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..keyword.URL: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - prefs.js..browser.startup.homepage: ""
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2013.03.23 18:01:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Extensions
[2013.07.19 21:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions
[2013.07.06 13:19:20 | 000,000,000 | ---D | M] (Bloody Red) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2013.03.23 18:32:30 | 000,000,000 | ---D | M] (Orange Fox) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\{5b35cb30-16b4-11de-8c30-0800200c9a66}
[2013.06.28 06:40:37 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2013.03.23 18:03:44 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\djziggy@gmail.com
[2011.10.16 15:51:30 | 000,067,892 | ---- | M] () (No name found) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi
[2013.07.19 21:17:11 | 000,223,750 | ---- | M] () (No name found) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2011.05.02 18:41:14 | 000,002,212 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\searchplugins\zbocz.xml
[2013.07.07 00:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.07.07 07:31:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - homepage: http://www.google.com/
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" File not found
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - Reg Error: Value error. File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - Reg Error: Value error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0447243E-109A-4F27-9BF8-FA78AA93CB97}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C68FB0B-765A-4846-840D-07F26BC73322}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\sprote~1.dll) - c:\Program Files (x86)\BrowseToSave\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013.07.20 11:29:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Roko68\Desktop\OTL.exe
[2013.07.20 10:46:52 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.07.20 10:45:44 | 000,559,341 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Roko68\Desktop\JRT.exe
[2013.07.19 22:18:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.19 22:18:34 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.19 11:11:35 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2013.07.18 22:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\VSO
[2013.07.16 20:35:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.03.23 19:02:33 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Roko68\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 7 Days ==========
[2013.07.20 11:33:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.20 11:30:08 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.20 11:29:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Roko68\Desktop\OTL.exe
[2013.07.20 11:21:08 | 000,029,851 | ---- | M] () -- C:\Users\Roko68\Documents\072013-48453-01.zip
[2013.07.20 11:16:52 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.20 11:16:52 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.20 11:09:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.20 11:09:17 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.20 10:58:04 | 000,666,633 | ---- | M] () -- C:\Users\Roko68\Desktop\adwcleaner.exe
[2013.07.20 10:45:55 | 000,559,341 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Roko68\Desktop\JRT.exe
[2013.07.20 01:41:36 | 000,290,032 | ---- | M] () -- C:\Users\Roko68\Documents\072013-48453-01.dmp
[2013.07.19 22:17:53 | 000,935,175 | ---- | M] () -- C:\Users\Roko68\Documents\RSITx64.exe
[2013.07.19 16:01:49 | 002,180,052 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.19 16:01:49 | 001,162,564 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.19 16:01:49 | 000,660,352 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.19 16:01:49 | 000,629,328 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.19 16:01:49 | 000,005,194 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.19 10:19:09 | 000,001,176 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\vso_ts_preview.xml
[2013.07.18 22:27:40 | 000,099,384 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\inst.exe
[2013.07.18 22:27:40 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Roko68\AppData\Roaming\pcouffin.sys
[2013.07.18 22:27:40 | 000,007,859 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\pcouffin.cat
[2013.07.18 22:27:40 | 000,001,167 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\pcouffin.inf
[2013.07.16 20:50:26 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.07.13 20:00:00 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\Registry Winner Schedule.job
========== Files Created - No Company Name ==========
[2013.07.20 11:33:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.20 11:21:39 | 000,290,032 | ---- | C] () -- C:\Users\Roko68\Documents\072013-48453-01.dmp
[2013.07.20 11:21:07 | 000,029,851 | ---- | C] () -- C:\Users\Roko68\Documents\072013-48453-01.zip
[2013.07.20 10:57:53 | 000,666,633 | ---- | C] () -- C:\Users\Roko68\Desktop\adwcleaner.exe
[2013.07.19 22:17:43 | 000,935,175 | ---- | C] () -- C:\Users\Roko68\Documents\RSITx64.exe
[2013.07.16 20:39:56 | 000,002,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013.06.29 12:59:49 | 000,423,709 | ---- | C] () -- C:\Users\Roko68\AppData\Local\mysearchdial_speedial_v9.0.2.crx
[2013.04.06 17:07:55 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2013.03.23 19:07:13 | 000,001,176 | ---- | C] () -- C:\Users\Roko68\AppData\Roaming\vso_ts_preview.xml
[2013.03.23 19:02:33 | 000,099,384 | ---- | C] () -- C:\Users\Roko68\AppData\Roaming\inst.exe
[2013.03.23 19:02:33 | 000,007,859 | ---- | C] () -- C:\Users\Roko68\AppData\Roaming\pcouffin.cat
[2013.03.23 19:02:33 | 000,001,167 | ---- | C] () -- C:\Users\Roko68\AppData\Roaming\pcouffin.inf
[2013.03.23 17:21:14 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll
[2013.03.23 17:21:14 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2013.03.23 17:21:14 | 000,051,712 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
[2013.03.23 17:21:14 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2013.03.23 17:21:14 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2013.03.23 17:21:14 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2013.03.23 17:13:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.05.25 17:43:47 | 000,000,000 | ---D | M] -- C:\Users\Míša\AppData\Roaming\WinTools
[2013.05.07 21:12:52 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Alawar Stargaze
[2013.05.03 21:27:40 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Artogon
[2013.07.05 22:31:54 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\AtlanticJourney
[2013.04.19 18:16:30 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\calibre
[2013.05.03 12:43:38 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\ERS Game Studios
[2013.06.15 22:09:47 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Melesta
[2013.07.04 13:49:29 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Meridian93
[2013.07.06 13:19:20 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\PhotoFiltre Studio X
[2013.06.15 22:04:17 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Rainbow
[2013.03.23 23:19:01 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Rumbic Studio
[2013.06.29 12:40:03 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Uniblue
[2013.07.19 22:16:41 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\uTorrent
[2013.07.19 10:19:10 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Vso
[2013.06.13 19:28:38 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Windows Live Writer
[2013.03.23 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\WinTools
[2013.07.11 22:42:37 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Wise Disk Cleaner
[2013.03.24 20:38:08 | 000,000,000 | ---D | M] -- C:\Users\Veronika\AppData\Roaming\PhotoFiltre Studio X
[2013.03.28 20:07:18 | 000,000,000 | ---D | M] -- C:\Users\Veronika\AppData\Roaming\Rumbic Studio
[2013.05.22 19:01:16 | 000,000,000 | ---D | M] -- C:\Users\Veronika\AppData\Roaming\uTorrent
[2013.03.24 12:43:28 | 000,000,000 | ---D | M] -- C:\Users\Veronika\AppData\Roaming\WinTools
========== Purity Check ==========
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roko68\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,75 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 74,71% Memory free
5,49 Gb Paging File | 4,44 Gb Available in Paging File | 80,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 398,88 Gb Free Space | 88,31% Space Free | Partition Type: NTFS
Computer Name: ROKO68-PC | User Name: Roko68 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.07.20 11:29:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Roko68\Desktop\OTL.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.06.22 08:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.06.22 08:34:48 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.06.22 08:34:46 | 000,968,272 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.06.09 19:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
PRC - [2007.06.27 20:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.06.27 20:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
========== Modules (No Company Name) ==========
MOD - [2010.06.09 19:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009.05.20 08:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.06.20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.06.20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.06.11 15:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010.04.21 01:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe -- (Updater Service)
SRV - [2013.07.11 14:54:52 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.07.07 00:37:45 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.07.15 03:31:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.22 08:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.04.04 01:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.06.18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.03.23 19:02:33 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.07.09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010.06.17 11:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.05.14 23:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010.05.11 12:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.04.21 03:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.21 00:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.04.20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010.04.13 12:15:04 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010.01.27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.08.23 11:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{5FD54B10-74CE-CA8F-2033-5BB940CE9D01}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearchdial.com/results.p ... 043295&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://start.mysearchdial.com/results.p ... 043295&ir=
IE - HKLM\..\SearchScopes\{68E6EE39-C250-B958-C3E7-5982E7E77CC3}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ACEW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32 File not found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32 File not found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 5r4792s46s
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://start.mysearchdial.com/results.p ... 043295&ir=
IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B35106bca-6c78-48c7-ac28-56df30b51d2a%7D:1.3.9c
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.35
FF - prefs.js..extensions.enabledAddons: %7B5b35cb30-16b4-11de-8c30-0800200c9a66%7D:13.0.05.05.12
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..keyword.URL: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - prefs.js..browser.startup.homepage: ""
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2013.03.23 18:01:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Extensions
[2013.07.19 21:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions
[2013.07.06 13:19:20 | 000,000,000 | ---D | M] (Bloody Red) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2013.03.23 18:32:30 | 000,000,000 | ---D | M] (Orange Fox) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\{5b35cb30-16b4-11de-8c30-0800200c9a66}
[2013.06.28 06:40:37 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2013.03.23 18:03:44 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\djziggy@gmail.com
[2011.10.16 15:51:30 | 000,067,892 | ---- | M] () (No name found) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi
[2013.07.19 21:17:11 | 000,223,750 | ---- | M] () (No name found) -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2011.05.02 18:41:14 | 000,002,212 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\Mozilla\Firefox\Profiles\wpcir2kh.default\searchplugins\zbocz.xml
[2013.07.07 00:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.07.07 07:31:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - homepage: http://www.google.com/
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" File not found
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - Reg Error: Value error. File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - Reg Error: Value error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0447243E-109A-4F27-9BF8-FA78AA93CB97}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C68FB0B-765A-4846-840D-07F26BC73322}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\sprote~1.dll) - c:\Program Files (x86)\BrowseToSave\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013.07.20 11:29:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Roko68\Desktop\OTL.exe
[2013.07.20 10:46:52 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.07.20 10:45:44 | 000,559,341 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Roko68\Desktop\JRT.exe
[2013.07.19 22:18:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.19 22:18:34 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.19 11:11:35 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2013.07.18 22:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\VSO
[2013.07.16 20:35:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.03.23 19:02:33 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Roko68\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 7 Days ==========
[2013.07.20 11:33:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.20 11:30:08 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.20 11:29:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Roko68\Desktop\OTL.exe
[2013.07.20 11:21:08 | 000,029,851 | ---- | M] () -- C:\Users\Roko68\Documents\072013-48453-01.zip
[2013.07.20 11:16:52 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.20 11:16:52 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.20 11:09:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.20 11:09:17 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.20 10:58:04 | 000,666,633 | ---- | M] () -- C:\Users\Roko68\Desktop\adwcleaner.exe
[2013.07.20 10:45:55 | 000,559,341 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Roko68\Desktop\JRT.exe
[2013.07.20 01:41:36 | 000,290,032 | ---- | M] () -- C:\Users\Roko68\Documents\072013-48453-01.dmp
[2013.07.19 22:17:53 | 000,935,175 | ---- | M] () -- C:\Users\Roko68\Documents\RSITx64.exe
[2013.07.19 16:01:49 | 002,180,052 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.19 16:01:49 | 001,162,564 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.19 16:01:49 | 000,660,352 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.19 16:01:49 | 000,629,328 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.19 16:01:49 | 000,005,194 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.19 10:19:09 | 000,001,176 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\vso_ts_preview.xml
[2013.07.18 22:27:40 | 000,099,384 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\inst.exe
[2013.07.18 22:27:40 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Roko68\AppData\Roaming\pcouffin.sys
[2013.07.18 22:27:40 | 000,007,859 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\pcouffin.cat
[2013.07.18 22:27:40 | 000,001,167 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\pcouffin.inf
[2013.07.16 20:50:26 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.07.13 20:00:00 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\Registry Winner Schedule.job
========== Files Created - No Company Name ==========
[2013.07.20 11:33:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.20 11:21:39 | 000,290,032 | ---- | C] () -- C:\Users\Roko68\Documents\072013-48453-01.dmp
[2013.07.20 11:21:07 | 000,029,851 | ---- | C] () -- C:\Users\Roko68\Documents\072013-48453-01.zip
[2013.07.20 10:57:53 | 000,666,633 | ---- | C] () -- C:\Users\Roko68\Desktop\adwcleaner.exe
[2013.07.19 22:17:43 | 000,935,175 | ---- | C] () -- C:\Users\Roko68\Documents\RSITx64.exe
[2013.07.16 20:39:56 | 000,002,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013.06.29 12:59:49 | 000,423,709 | ---- | C] () -- C:\Users\Roko68\AppData\Local\mysearchdial_speedial_v9.0.2.crx
[2013.04.06 17:07:55 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2013.03.23 19:07:13 | 000,001,176 | ---- | C] () -- C:\Users\Roko68\AppData\Roaming\vso_ts_preview.xml
[2013.03.23 19:02:33 | 000,099,384 | ---- | C] () -- C:\Users\Roko68\AppData\Roaming\inst.exe
[2013.03.23 19:02:33 | 000,007,859 | ---- | C] () -- C:\Users\Roko68\AppData\Roaming\pcouffin.cat
[2013.03.23 19:02:33 | 000,001,167 | ---- | C] () -- C:\Users\Roko68\AppData\Roaming\pcouffin.inf
[2013.03.23 17:21:14 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll
[2013.03.23 17:21:14 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2013.03.23 17:21:14 | 000,051,712 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
[2013.03.23 17:21:14 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2013.03.23 17:21:14 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2013.03.23 17:21:14 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2013.03.23 17:13:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.05.25 17:43:47 | 000,000,000 | ---D | M] -- C:\Users\Míša\AppData\Roaming\WinTools
[2013.05.07 21:12:52 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Alawar Stargaze
[2013.05.03 21:27:40 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Artogon
[2013.07.05 22:31:54 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\AtlanticJourney
[2013.04.19 18:16:30 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\calibre
[2013.05.03 12:43:38 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\ERS Game Studios
[2013.06.15 22:09:47 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Melesta
[2013.07.04 13:49:29 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Meridian93
[2013.07.06 13:19:20 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\PhotoFiltre Studio X
[2013.06.15 22:04:17 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Rainbow
[2013.03.23 23:19:01 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Rumbic Studio
[2013.06.29 12:40:03 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Uniblue
[2013.07.19 22:16:41 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\uTorrent
[2013.07.19 10:19:10 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Vso
[2013.06.13 19:28:38 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Windows Live Writer
[2013.03.23 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\WinTools
[2013.07.11 22:42:37 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Wise Disk Cleaner
[2013.03.24 20:38:08 | 000,000,000 | ---D | M] -- C:\Users\Veronika\AppData\Roaming\PhotoFiltre Studio X
[2013.03.28 20:07:18 | 000,000,000 | ---D | M] -- C:\Users\Veronika\AppData\Roaming\Rumbic Studio
[2013.05.22 19:01:16 | 000,000,000 | ---D | M] -- C:\Users\Veronika\AppData\Roaming\uTorrent
[2013.03.24 12:43:28 | 000,000,000 | ---D | M] -- C:\Users\Veronika\AppData\Roaming\WinTools
========== Purity Check ==========
Re: Prosím o kontrolu logu.
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,590 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.03.23 18:11:35 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.24 18:32:42 | 000,000,430 | ---- | C] () -- C:\Windows\Tasks\Registry Winner Schedule.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.02.04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.02.04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.02.04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.02.04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2010.04.09 13:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2010.04.09 09:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.04.09 07:52:50 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Adobe
[2013.03.30 17:35:37 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Ahead
[2013.05.07 21:12:52 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Alawar Stargaze
[2013.05.03 21:27:40 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Artogon
[2013.03.23 17:55:57 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\ATI
[2013.07.05 22:31:54 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\AtlanticJourney
[2013.04.19 18:16:30 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\calibre
[2013.05.03 12:43:38 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\ERS Game Studios
[2013.03.23 17:55:55 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Google
[2013.03.23 18:06:52 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Identities
[2013.03.23 17:54:44 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Macromedia
[2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Media Center Programs
[2013.06.15 22:09:47 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Melesta
[2013.07.04 13:49:29 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Meridian93
[2013.07.11 22:03:52 | 000,000,000 | --SD | M] -- C:\Users\Roko68\AppData\Roaming\Microsoft
[2013.03.23 18:01:34 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Mozilla
[2013.07.06 13:19:20 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\PhotoFiltre Studio X
[2013.06.15 22:04:17 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Rainbow
[2013.03.23 23:19:01 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Rumbic Studio
[2013.06.18 17:07:58 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Skype
[2013.06.29 12:40:03 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Uniblue
[2013.07.19 22:16:41 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\uTorrent
[2013.06.01 23:37:01 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\vlc
[2013.07.19 10:19:10 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Vso
[2013.06.13 19:28:38 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Windows Live Writer
[2013.03.23 19:01:33 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\WinRAR
[2013.03.23 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\WinTools
[2013.07.11 22:42:37 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Wise Disk Cleaner
< %APPDATA%\*.exe /s >
[2013.07.18 22:27:40 | 000,099,384 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\inst.exe
[2010.07.15 03:34:42 | 000,038,200 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2013.07.20 11:30:08 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.13 20:00:00 | 000,000,430 | ---- | M] () -- C:\Windows\Tasks\Registry Winner Schedule.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.06.27 20:03:40 | 000,152,872 | ---- | M] (Nero AG)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.07.07 07:31:32 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=C8D28F8B498CADBB9445AC4545BD41B7 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.06.12 02:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.07.20 11:33:51 | 000,000,512 | ---- | M] () MD5=C24BD0ACED27A127B2860DCF43BDC307 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2013.04.06 20:54:47 | 000,357,986 | ---- | M] () -- \Users\Roko68\AppData\Local\GameHouse\Bejeweled3\cached\sounds\firework_crackle.wav
< *keygen* /s >
[2013.07.20 10:54:53 | 000,000,544 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$I51SC3A.Keygen-MAZE
[96 \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\*.tmp files -> \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\*.tmp -> ]
[2013.01.27 15:16:53 | 000,048,640 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R51SC3A.Keygen-MAZE\Keygen.exe
[2013.06.27 00:49:58 | 000,499,712 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RDCZPLR.Patch-CORE\keygen.exe
[2013.07.18 05:14:58 | 000,499,712 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RHFNNX1.Patch-CORE\keygen.exe
[2013.07.19 11:23:26 | 000,219,614 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-319750A0.pf
[2013.07.19 11:25:34 | 000,186,862 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-D90BFE32.pf
< *loader* /s >
[2007.06.27 20:03:00 | 000,177,448 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.03.05 23:12:10 | 000,675,568 | ---- | M] () -- \Program Files (x86)\eMachines Games\eMachines Game Console\WTDownloader.exe
[2010.06.01 23:29:14 | 000,367,872 | ---- | M] () -- \Program Files (x86)\NTI\NTI Media Maker 9\LauncherLoader.exe
[2012.01.09 20:43:56 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2009.05.11 19:48:42 | 000,000,747 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\Common\css\online_loader.css
[2009.05.11 19:48:42 | 000,000,640 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\mini_loader_off.gif
[2009.05.11 19:48:42 | 000,002,068 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\mini_loader_on.gif
[2009.05.11 19:48:42 | 000,012,527 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\windowed_loader_75.gif
[2009.05.11 19:48:42 | 000,003,194 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\Common\js\online_loader.js
[2010.04.04 01:08:12 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\de\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,083 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\de\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,241 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\de\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\de\swf\loader_web.swf
[2010.04.04 01:08:18 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,065 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,097 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en\swf\loader_web.swf
[2010.04.04 01:08:06 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en-us\Online_Loader.html
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en-us\fs_wire\swf\loader_web.swf
[2009.05.11 19:48:42 | 000,003,065 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en-us\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,097 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en-us\img\onlineloader_retry.gif
[2010.04.04 01:08:24 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,199 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,515 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es\swf\loader_web.swf
[2010.04.04 01:08:30 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es-es\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,031 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es-es\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,665 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es-es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es-es\swf\loader_web.swf
[2010.04.04 01:08:36 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\fr\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,143 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\fr\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,545 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\fr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\fr\swf\loader_web.swf
[2010.04.04 01:08:40 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\it\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,186 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\it\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,368 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\it\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\it\swf\loader_web.swf
[2010.04.04 01:08:48 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,160 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,054 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\swf\loader_web.swf
[2010.04.04 01:09:04 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\pt\Online_Loader.html
[2010.03.06 00:18:44 | 000,003,210 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\pt\img\going_online_loader.gif
[2010.03.05 20:34:30 | 000,003,581 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\pt\img\onlineloader_retry.gif
[2010.04.04 01:08:54 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,111 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,092 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh\swf\loader_web.swf
[2010.04.04 01:09:00 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\Online_Loader.html
[2009.05.11 19:48:42 | 000,002,778 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,219 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\swf\loader_web.swf
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2009.05.11 19:48:42 | 000,000,747 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\Common\css\online_loader.css
[2009.05.11 19:48:42 | 000,000,640 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\mini_loader_off.gif
[2009.05.11 19:48:42 | 000,002,068 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\mini_loader_on.gif
[2009.05.11 19:48:42 | 000,012,527 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\windowed_loader_75.gif
[2009.05.11 19:48:42 | 000,003,194 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\Common\js\online_loader.js
[2010.04.04 01:08:12 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\de\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,083 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\de\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,241 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\de\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\de\swf\loader_web.swf
[2010.04.04 01:08:18 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,065 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,097 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en\swf\loader_web.swf
[2010.04.04 01:08:06 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en-us\Online_Loader.html
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en-us\fs_wire\swf\loader_web.swf
[2009.05.11 19:48:42 | 000,003,065 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en-us\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,097 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en-us\img\onlineloader_retry.gif
[2010.04.04 01:08:24 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,199 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,515 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es\swf\loader_web.swf
[2010.04.04 01:08:30 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es-es\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,031 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es-es\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,665 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es-es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es-es\swf\loader_web.swf
[2010.04.04 01:08:36 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\fr\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,143 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\fr\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,545 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\fr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\fr\swf\loader_web.swf
[2010.04.04 01:08:40 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\it\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,186 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\it\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,368 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\it\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\it\swf\loader_web.swf
[2010.04.04 01:08:48 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,160 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,054 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\swf\loader_web.swf
[2010.04.04 01:09:04 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\pt\Online_Loader.html
[2010.03.06 00:18:44 | 000,003,210 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\pt\img\going_online_loader.gif
[2010.03.05 20:34:30 | 000,003,581 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\pt\img\onlineloader_retry.gif
[2010.04.04 01:08:54 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,111 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,092 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh\swf\loader_web.swf
[2010.04.04 01:09:00 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\Online_Loader.html
[2009.05.11 19:48:42 | 000,002,778 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,219 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\swf\loader_web.swf
[2013.07.11 14:51:23 | 000,000,723 | ---- | M] () -- \Users\Míša\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2IH613B\downloaderror[1].js
[2013.07.11 14:51:23 | 000,001,174 | ---- | M] () -- \Users\Míša\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2IH613B\downloader[1].js
[2013.04.12 00:12:42 | 000,044,032 | ---- | M] () -- \Users\Roko68\Documents\1. Portable prog\Calibre Portable\Calibre\DLLs\PyISAPI_loader.dll
[2013.04.14 07:55:17 | 000,003,784 | ---- | M] () -- \Users\Veronika\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6TMZINEY\bundleloader[1].js
[2013.04.14 07:55:33 | 000,000,723 | ---- | M] () -- \Users\Veronika\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6TMZINEY\downloaderror[1].js
[2013.04.14 07:55:33 | 000,001,174 | ---- | M] () -- \Users\Veronika\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6TMZINEY\downloader[1].js
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.03.24 01:58:38 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2010.01.22 10:31:14 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16508_none_b7752fe386144dba.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2010.01.22 12:00:30 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20624_none_b7e52bae9f45c00a.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,590 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.03.23 18:11:35 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.24 18:32:42 | 000,000,430 | ---- | C] () -- C:\Windows\Tasks\Registry Winner Schedule.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.02.04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.02.04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.02.04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.02.04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2010.04.09 13:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2010.04.09 09:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.04.09 07:52:50 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Adobe
[2013.03.30 17:35:37 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Ahead
[2013.05.07 21:12:52 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Alawar Stargaze
[2013.05.03 21:27:40 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Artogon
[2013.03.23 17:55:57 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\ATI
[2013.07.05 22:31:54 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\AtlanticJourney
[2013.04.19 18:16:30 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\calibre
[2013.05.03 12:43:38 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\ERS Game Studios
[2013.03.23 17:55:55 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Google
[2013.03.23 18:06:52 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Identities
[2013.03.23 17:54:44 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Macromedia
[2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Media Center Programs
[2013.06.15 22:09:47 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Melesta
[2013.07.04 13:49:29 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Meridian93
[2013.07.11 22:03:52 | 000,000,000 | --SD | M] -- C:\Users\Roko68\AppData\Roaming\Microsoft
[2013.03.23 18:01:34 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Mozilla
[2013.07.06 13:19:20 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\PhotoFiltre Studio X
[2013.06.15 22:04:17 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Rainbow
[2013.03.23 23:19:01 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Rumbic Studio
[2013.06.18 17:07:58 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Skype
[2013.06.29 12:40:03 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Uniblue
[2013.07.19 22:16:41 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\uTorrent
[2013.06.01 23:37:01 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\vlc
[2013.07.19 10:19:10 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Vso
[2013.06.13 19:28:38 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Windows Live Writer
[2013.03.23 19:01:33 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\WinRAR
[2013.03.23 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\WinTools
[2013.07.11 22:42:37 | 000,000,000 | ---D | M] -- C:\Users\Roko68\AppData\Roaming\Wise Disk Cleaner
< %APPDATA%\*.exe /s >
[2013.07.18 22:27:40 | 000,099,384 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\inst.exe
[2010.07.15 03:34:42 | 000,038,200 | ---- | M] () -- C:\Users\Roko68\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2013.07.20 11:30:08 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.13 20:00:00 | 000,000,430 | ---- | M] () -- C:\Windows\Tasks\Registry Winner Schedule.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.06.27 20:03:40 | 000,152,872 | ---- | M] (Nero AG)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.07.07 07:31:32 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=C8D28F8B498CADBB9445AC4545BD41B7 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.06.12 02:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.07.20 11:33:51 | 000,000,512 | ---- | M] () MD5=C24BD0ACED27A127B2860DCF43BDC307 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2013.04.06 20:54:47 | 000,357,986 | ---- | M] () -- \Users\Roko68\AppData\Local\GameHouse\Bejeweled3\cached\sounds\firework_crackle.wav
< *keygen* /s >
[2013.07.20 10:54:53 | 000,000,544 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$I51SC3A.Keygen-MAZE
[96 \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\*.tmp files -> \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\*.tmp -> ]
[2013.01.27 15:16:53 | 000,048,640 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R51SC3A.Keygen-MAZE\Keygen.exe
[2013.06.27 00:49:58 | 000,499,712 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RDCZPLR.Patch-CORE\keygen.exe
[2013.07.18 05:14:58 | 000,499,712 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RHFNNX1.Patch-CORE\keygen.exe
[2013.07.19 11:23:26 | 000,219,614 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-319750A0.pf
[2013.07.19 11:25:34 | 000,186,862 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-D90BFE32.pf
< *loader* /s >
[2007.06.27 20:03:00 | 000,177,448 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.03.05 23:12:10 | 000,675,568 | ---- | M] () -- \Program Files (x86)\eMachines Games\eMachines Game Console\WTDownloader.exe
[2010.06.01 23:29:14 | 000,367,872 | ---- | M] () -- \Program Files (x86)\NTI\NTI Media Maker 9\LauncherLoader.exe
[2012.01.09 20:43:56 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2009.05.11 19:48:42 | 000,000,747 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\Common\css\online_loader.css
[2009.05.11 19:48:42 | 000,000,640 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\mini_loader_off.gif
[2009.05.11 19:48:42 | 000,002,068 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\mini_loader_on.gif
[2009.05.11 19:48:42 | 000,012,527 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\windowed_loader_75.gif
[2009.05.11 19:48:42 | 000,003,194 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\Common\js\online_loader.js
[2010.04.04 01:08:12 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\de\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,083 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\de\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,241 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\de\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\de\swf\loader_web.swf
[2010.04.04 01:08:18 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,065 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,097 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en\swf\loader_web.swf
[2010.04.04 01:08:06 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en-us\Online_Loader.html
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en-us\fs_wire\swf\loader_web.swf
[2009.05.11 19:48:42 | 000,003,065 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en-us\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,097 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\en-us\img\onlineloader_retry.gif
[2010.04.04 01:08:24 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,199 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,515 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es\swf\loader_web.swf
[2010.04.04 01:08:30 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es-es\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,031 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es-es\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,665 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es-es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\es-es\swf\loader_web.swf
[2010.04.04 01:08:36 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\fr\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,143 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\fr\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,545 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\fr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\fr\swf\loader_web.swf
[2010.04.04 01:08:40 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\it\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,186 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\it\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,368 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\it\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\it\swf\loader_web.swf
[2010.04.04 01:08:48 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,160 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,054 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\swf\loader_web.swf
[2010.04.04 01:09:04 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\pt\Online_Loader.html
[2010.03.06 00:18:44 | 000,003,210 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\pt\img\going_online_loader.gif
[2010.03.05 20:34:30 | 000,003,581 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\pt\img\onlineloader_retry.gif
[2010.04.04 01:08:54 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,111 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,092 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh\swf\loader_web.swf
[2010.04.04 01:09:00 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\Online_Loader.html
[2009.05.11 19:48:42 | 000,002,778 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,219 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\swf\loader_web.swf
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2009.05.11 19:48:42 | 000,000,747 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\Common\css\online_loader.css
[2009.05.11 19:48:42 | 000,000,640 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\mini_loader_off.gif
[2009.05.11 19:48:42 | 000,002,068 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\mini_loader_on.gif
[2009.05.11 19:48:42 | 000,012,527 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\windowed_loader_75.gif
[2009.05.11 19:48:42 | 000,003,194 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\Common\js\online_loader.js
[2010.04.04 01:08:12 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\de\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,083 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\de\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,241 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\de\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\de\swf\loader_web.swf
[2010.04.04 01:08:18 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,065 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,097 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en\swf\loader_web.swf
[2010.04.04 01:08:06 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en-us\Online_Loader.html
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en-us\fs_wire\swf\loader_web.swf
[2009.05.11 19:48:42 | 000,003,065 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en-us\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,097 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\en-us\img\onlineloader_retry.gif
[2010.04.04 01:08:24 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,199 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,515 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es\swf\loader_web.swf
[2010.04.04 01:08:30 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es-es\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,031 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es-es\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,665 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es-es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\es-es\swf\loader_web.swf
[2010.04.04 01:08:36 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\fr\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,143 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\fr\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,545 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\fr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\fr\swf\loader_web.swf
[2010.04.04 01:08:40 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\it\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,186 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\it\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,368 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\it\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\it\swf\loader_web.swf
[2010.04.04 01:08:48 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,160 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,054 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\swf\loader_web.swf
[2010.04.04 01:09:04 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\pt\Online_Loader.html
[2010.03.06 00:18:44 | 000,003,210 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\pt\img\going_online_loader.gif
[2010.03.05 20:34:30 | 000,003,581 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\pt\img\onlineloader_retry.gif
[2010.04.04 01:08:54 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh\Online_Loader.html
[2009.05.11 19:48:42 | 000,003,111 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,092 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh\swf\loader_web.swf
[2010.04.04 01:09:00 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\Online_Loader.html
[2009.05.11 19:48:42 | 000,002,778 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\img\going_online_loader.gif
[2009.05.11 19:48:42 | 000,003,219 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\swf\loader_web.swf
[2013.07.11 14:51:23 | 000,000,723 | ---- | M] () -- \Users\Míša\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2IH613B\downloaderror[1].js
[2013.07.11 14:51:23 | 000,001,174 | ---- | M] () -- \Users\Míša\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2IH613B\downloader[1].js
[2013.04.12 00:12:42 | 000,044,032 | ---- | M] () -- \Users\Roko68\Documents\1. Portable prog\Calibre Portable\Calibre\DLLs\PyISAPI_loader.dll
[2013.04.14 07:55:17 | 000,003,784 | ---- | M] () -- \Users\Veronika\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6TMZINEY\bundleloader[1].js
[2013.04.14 07:55:33 | 000,000,723 | ---- | M] () -- \Users\Veronika\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6TMZINEY\downloaderror[1].js
[2013.04.14 07:55:33 | 000,001,174 | ---- | M] () -- \Users\Veronika\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6TMZINEY\downloader[1].js
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.03.24 01:58:38 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2010.01.22 10:31:14 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16508_none_b7752fe386144dba.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2010.01.22 12:00:30 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20624_none_b7e52bae9f45c00a.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
Re: Prosím o kontrolu logu.
OTL Extras logfile created on: 20.7.2013 11:32:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roko68\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,75 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 74,71% Memory free
5,49 Gb Paging File | 4,44 Gb Available in Paging File | 80,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 398,88 Gb Free Space | 88,31% Space Free | Partition Type: NTFS
Computer Name: ROKO68-PC | User Name: Roko68 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0963CB82-4B8A-408A-A494-319C2B80AFBB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1C57352E-A70A-404B-8872-55C74953ADFB}" = lport=139 | protocol=6 | dir=in | app=system |
"{2DD2A0D3-33BC-4F46-9BCE-50C40DF6D2B1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3EB63167-C002-456F-9F18-0E7A60495968}" = rport=445 | protocol=6 | dir=out | app=system |
"{416EF7AC-C94C-42D5-A9C2-F1EF33514F47}" = rport=137 | protocol=17 | dir=out | app=system |
"{46EFD009-EAF5-4DB4-A75A-70CDB21AB362}" = rport=138 | protocol=17 | dir=out | app=system |
"{4B75038E-D2DB-4E62-BAB5-D966586CBB67}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6915D977-F5CD-494C-B95F-D732C3F8F267}" = rport=10243 | protocol=6 | dir=out | app=system |
"{71BDEB7C-4D82-4E0B-96F8-0E3F92B912BF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{72EC2C45-E083-42EE-A190-EBF588A9AA3D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7E3F03EE-9E1F-4D4B-B69D-F13199A467D4}" = lport=137 | protocol=17 | dir=in | app=system |
"{89154A27-7F85-4C28-A38E-7377511498D4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8DC9C004-4806-44E4-8D6A-3B806EA3BFDB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{911E7223-C3C1-4CBB-8755-FB536AF45DB8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{91ACEBC4-841A-4068-9FB7-A19C4F8462D7}" = lport=138 | protocol=17 | dir=in | app=system |
"{91B283C0-13B2-4C29-983E-79F8B6ECA36F}" = lport=445 | protocol=6 | dir=in | app=system |
"{94ED4ABB-C332-404F-97D9-A00C415701E8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9B2E3A80-67CC-4FE0-880E-D15583952DB4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B511D65B-BA46-40D9-B962-7314AD9C87D9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BA88F0AF-E028-4ED3-8078-4B39D9E77C25}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E52CC6C1-00A8-4F24-8CA0-B40931999F6E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ECD1FA1A-6C9F-4E30-8DDA-0B8783319636}" = rport=139 | protocol=6 | dir=out | app=system |
"{F07080DF-132F-4C05-A43E-F53163EB3F8D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F883D2C6-7E8E-4DBE-9639-9BF2C373D574}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FA61130A-7CB1-422E-884A-E5B4A60105B6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1FCBB71C-FA7D-46D0-B9BB-7F871DD4EC5E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{24E33DFA-7E55-454E-9C99-89D89679A243}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2B2A7D4E-E9DA-4D2A-9A22-FCF6DA2333F4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2C734A80-72B1-48DF-8A74-CA568E67FF3D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{307CA2AF-8EDE-4E81-BC2D-00AEC4D50BAB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4BACB0A4-4AA6-4F4C-88CA-E02E4524A3B7}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{50250B46-400E-4BB6-A22B-F9C24892A334}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{57789FC9-33BD-4AD4-B30F-BC16910D8A57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65A72D94-23BF-4645-98D3-D75FCBDCE501}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{743CC3C8-9729-49E3-ADDE-2FABEFB9D25B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7A1EEED9-9217-4860-90B7-1FAD02B47FC8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{814313CF-06A3-4C18-B491-77B2A0F2F79C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{90E7E02A-1B7C-45F1-980E-00CCEB4B7894}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2B251DE-6179-4B46-B6ED-D28BEB3C8CC7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A491C038-6C1E-453E-930C-899E5ED045C9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AB28B271-365C-4C8C-BC28-52579B49A395}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{B1CF23BC-CF73-4596-AAF4-A50EB8362B34}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE69C5B1-C8CD-4705-994D-25263E013996}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C12150B9-064C-42EE-BC33-D0B02A29A16B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CED0ACA6-5EBD-4A8E-B82D-F214F911135F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D545A1BF-1AF7-4CDD-8651-D7992B928C5A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DF6F9D03-C413-4CDA-90FD-29266FEE2BB0}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{DFA723D0-5866-4F5C-8AD3-6837F2834514}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E6C0A737-A05D-4581-8BE1-8507E5E43B8A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E7EE072A-A6DF-4AC0-9F60-792EAB4EBD26}" = protocol=6 | dir=out | app=system |
"{EB2F89FC-53A7-4149-9E23-CB5C62D0C7F6}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{16D8AAE0-EA5A-F5AC-D9B7-4B802EC1CB46}" = ccc-utility64
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{21958FA9-A346-4745-E831-98013FA0C203}" = ATI Catalyst Install Manager
"{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AC608F60-9815-4DB4-AF5F-D0377783AD96}" = BrowseToSave
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"VLC media player" = VLC media player 2.0.6
"WinRAR archiver" = WinRAR 4.10 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{191348A7-13EC-2650-6ABC-1C1D2423A40C}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23D5D3E2-26F4-556E-B798-09B7CC796BD1}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3653CD74-6658-CEBB-CD6D-C0307AD95C42}" = CCC Help Dutch
"{3DB0448D-AD82-4923-B305-D001E521A964}" = eMachines Power Management
"{41545534-0076-A76A-76A7-A758B70B0A00}" = Ask Toolbar
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4460DD07-4171-C90E-1D90-B77AC15A1091}" = CCC Help Danish
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B0E901E-F7E0-E568-85C8-2EA65A1BDAF5}" = CCC Help Turkish
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D20ABBF-B73C-A373-5BAB-D4B0339B6A0A}" = CCC Help Japanese
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5A3D0EE7-72E0-B579-425A-098B091709A8}" = CCC Help Chinese Standard
"{5FB9AC96-BC36-7EED-7DCF-8B2FF4437A59}" = ccc-core-static
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65E556A8-6CA0-22A4-6818-6CD068DA0AFD}" = Catalyst Control Center Graphics Full New
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F29746D-92E6-F783-A0F4-4F096E78D050}" = Catalyst Control Center Graphics Full Existing
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.7.3.190
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Video Web Camera
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B96F0C0-BDD3-A367-11CC-45597C63ABEB}" = Catalyst Control Center Graphics Light
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{8595562C-577E-5EF2-D41B-ED9179C11148}" = CCC Help Thai
"{8A7F7E19-9019-D754-4BCF-48C6439F99C3}" = CCC Help English
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DB37F8B-12E1-E616-3D73-8D09FC012107}" = CCC Help Swedish
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A23514CE-CE89-43D1-BAB2-685E49538766}" = CCC Help Hungarian
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1" = WinTools.net Premium version 13.0
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Czech
"{B2F7D09B-E3AE-8BCA-A798-C8DA98D0A9AC}" = CCC Help Norwegian
"{B376DE99-5243-D03D-B51D-4BE193EA7985}" = CCC Help Greek
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BDBAEB81-FACA-1CF6-9A74-8EB532F0012D}" = CCC Help Spanish
"{C2BE0404-9252-8657-6839-EA2B60EA3CE8}" = Catalyst Control Center Localization All
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{CB8D8129-4592-3EB9-4976-68515DC4D0C1}" = CCC Help French
"{CC757D67-711D-4459-AB6A-8835CA5BF699}" = CCC Help Chinese Traditional
"{CC9D85AF-30DB-55A0-1E00-976BFDAF04D0}" = CCC Help Russian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DC8F6F65-558C-1C57-8F08-D367F6C19988}" = CCC Help Korean
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF57F301-0416-55BA-8287-5E929615D967}" = CCC Help Polish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3CA43BE-C574-1938-E60B-E7A4486A1DAD}" = CCC Help Finnish
"{E4CD072D-13E1-5EAB-A350-76E7F8A2DD51}" = Catalyst Control Center Graphics Previews Common
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = eMachines Updater
"{EF48185C-1BE3-3EE0-22C5-EDE82A08C105}" = CCC Help Italian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26A271D-5602-CA19-6456-AEB22BEFE1EA}" = Catalyst Control Center Core Implementation
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FC635D8E-FFBA-4B2C-BE68-A37D56BDFB74}" = Catalyst Control Center - Branding
"{FDAEEEC4-E57E-D75A-E885-EE4E3BEE916B}" = CCC Help Czech
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF6BA6F7-67C8-5F93-89B7-F6679D51D869}" = Catalyst Control Center InstallProxy
"µTorrent CZ_is1" = µTorrent CZ 1.7.7 (build 8179)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aTube Catcher" = aTube Catcher
"eMachines Game Console" = eMachines Game Console
"eMachines Registration" = eMachines Registration
"eMachines Screensaver" = eMachines ScreenSaver
"eMachines Welcome Center" = Welcome Center
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Identity Card" = Identity Card
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox 22.0 (x86 cs)" = Mozilla Firefox 22.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SP_f2a323db" =
"VLC media player" = VLC media player 2.0.5
"WildTangent emachines Master Uninstall" = eMachines Games
"WinLiveSuite" = Windows Live Essentials
"WT088147" = Agatha Christie - Death on the Nile
"WT088155" = Bejeweled 2 Deluxe
"WT088159" = Build-a-lot 2
"WT088166" = Chuzzle Deluxe
"WT088175" = Diner Dash 2 Restaurant Rescue
"WT088181" = Farm Frenzy
"WT088189" = Insaniquarium Deluxe
"WT088194" = Jewel Quest Solitaire 2
"WT088203" = Plants vs. Zombies
"WT088215" = Zuma Deluxe
"WT088414" = FATE
"WT088418" = Final Drive Nitro
"WT088446" = John Deere Drive Green
"WT088450" = Penguins!
"WT088454" = Polar Bowler
"WT088458" = Polar Golfer
"WT088506" = Virtual Villagers 4 - The Tree of Life
"WT088521" = Zuma's Revenge
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"uTorrent" = µTorrent
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roko68\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,75 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 74,71% Memory free
5,49 Gb Paging File | 4,44 Gb Available in Paging File | 80,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 398,88 Gb Free Space | 88,31% Space Free | Partition Type: NTFS
Computer Name: ROKO68-PC | User Name: Roko68 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0963CB82-4B8A-408A-A494-319C2B80AFBB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1C57352E-A70A-404B-8872-55C74953ADFB}" = lport=139 | protocol=6 | dir=in | app=system |
"{2DD2A0D3-33BC-4F46-9BCE-50C40DF6D2B1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3EB63167-C002-456F-9F18-0E7A60495968}" = rport=445 | protocol=6 | dir=out | app=system |
"{416EF7AC-C94C-42D5-A9C2-F1EF33514F47}" = rport=137 | protocol=17 | dir=out | app=system |
"{46EFD009-EAF5-4DB4-A75A-70CDB21AB362}" = rport=138 | protocol=17 | dir=out | app=system |
"{4B75038E-D2DB-4E62-BAB5-D966586CBB67}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6915D977-F5CD-494C-B95F-D732C3F8F267}" = rport=10243 | protocol=6 | dir=out | app=system |
"{71BDEB7C-4D82-4E0B-96F8-0E3F92B912BF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{72EC2C45-E083-42EE-A190-EBF588A9AA3D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7E3F03EE-9E1F-4D4B-B69D-F13199A467D4}" = lport=137 | protocol=17 | dir=in | app=system |
"{89154A27-7F85-4C28-A38E-7377511498D4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8DC9C004-4806-44E4-8D6A-3B806EA3BFDB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{911E7223-C3C1-4CBB-8755-FB536AF45DB8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{91ACEBC4-841A-4068-9FB7-A19C4F8462D7}" = lport=138 | protocol=17 | dir=in | app=system |
"{91B283C0-13B2-4C29-983E-79F8B6ECA36F}" = lport=445 | protocol=6 | dir=in | app=system |
"{94ED4ABB-C332-404F-97D9-A00C415701E8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9B2E3A80-67CC-4FE0-880E-D15583952DB4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B511D65B-BA46-40D9-B962-7314AD9C87D9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BA88F0AF-E028-4ED3-8078-4B39D9E77C25}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E52CC6C1-00A8-4F24-8CA0-B40931999F6E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ECD1FA1A-6C9F-4E30-8DDA-0B8783319636}" = rport=139 | protocol=6 | dir=out | app=system |
"{F07080DF-132F-4C05-A43E-F53163EB3F8D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F883D2C6-7E8E-4DBE-9639-9BF2C373D574}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FA61130A-7CB1-422E-884A-E5B4A60105B6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1FCBB71C-FA7D-46D0-B9BB-7F871DD4EC5E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{24E33DFA-7E55-454E-9C99-89D89679A243}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2B2A7D4E-E9DA-4D2A-9A22-FCF6DA2333F4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2C734A80-72B1-48DF-8A74-CA568E67FF3D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{307CA2AF-8EDE-4E81-BC2D-00AEC4D50BAB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4BACB0A4-4AA6-4F4C-88CA-E02E4524A3B7}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{50250B46-400E-4BB6-A22B-F9C24892A334}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{57789FC9-33BD-4AD4-B30F-BC16910D8A57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65A72D94-23BF-4645-98D3-D75FCBDCE501}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{743CC3C8-9729-49E3-ADDE-2FABEFB9D25B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7A1EEED9-9217-4860-90B7-1FAD02B47FC8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{814313CF-06A3-4C18-B491-77B2A0F2F79C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{90E7E02A-1B7C-45F1-980E-00CCEB4B7894}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2B251DE-6179-4B46-B6ED-D28BEB3C8CC7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A491C038-6C1E-453E-930C-899E5ED045C9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AB28B271-365C-4C8C-BC28-52579B49A395}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{B1CF23BC-CF73-4596-AAF4-A50EB8362B34}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE69C5B1-C8CD-4705-994D-25263E013996}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C12150B9-064C-42EE-BC33-D0B02A29A16B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CED0ACA6-5EBD-4A8E-B82D-F214F911135F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D545A1BF-1AF7-4CDD-8651-D7992B928C5A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DF6F9D03-C413-4CDA-90FD-29266FEE2BB0}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{DFA723D0-5866-4F5C-8AD3-6837F2834514}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E6C0A737-A05D-4581-8BE1-8507E5E43B8A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E7EE072A-A6DF-4AC0-9F60-792EAB4EBD26}" = protocol=6 | dir=out | app=system |
"{EB2F89FC-53A7-4149-9E23-CB5C62D0C7F6}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{16D8AAE0-EA5A-F5AC-D9B7-4B802EC1CB46}" = ccc-utility64
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{21958FA9-A346-4745-E831-98013FA0C203}" = ATI Catalyst Install Manager
"{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AC608F60-9815-4DB4-AF5F-D0377783AD96}" = BrowseToSave
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"VLC media player" = VLC media player 2.0.6
"WinRAR archiver" = WinRAR 4.10 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{191348A7-13EC-2650-6ABC-1C1D2423A40C}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23D5D3E2-26F4-556E-B798-09B7CC796BD1}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3653CD74-6658-CEBB-CD6D-C0307AD95C42}" = CCC Help Dutch
"{3DB0448D-AD82-4923-B305-D001E521A964}" = eMachines Power Management
"{41545534-0076-A76A-76A7-A758B70B0A00}" = Ask Toolbar
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4460DD07-4171-C90E-1D90-B77AC15A1091}" = CCC Help Danish
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B0E901E-F7E0-E568-85C8-2EA65A1BDAF5}" = CCC Help Turkish
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D20ABBF-B73C-A373-5BAB-D4B0339B6A0A}" = CCC Help Japanese
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5A3D0EE7-72E0-B579-425A-098B091709A8}" = CCC Help Chinese Standard
"{5FB9AC96-BC36-7EED-7DCF-8B2FF4437A59}" = ccc-core-static
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65E556A8-6CA0-22A4-6818-6CD068DA0AFD}" = Catalyst Control Center Graphics Full New
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F29746D-92E6-F783-A0F4-4F096E78D050}" = Catalyst Control Center Graphics Full Existing
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.7.3.190
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Video Web Camera
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B96F0C0-BDD3-A367-11CC-45597C63ABEB}" = Catalyst Control Center Graphics Light
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{8595562C-577E-5EF2-D41B-ED9179C11148}" = CCC Help Thai
"{8A7F7E19-9019-D754-4BCF-48C6439F99C3}" = CCC Help English
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DB37F8B-12E1-E616-3D73-8D09FC012107}" = CCC Help Swedish
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A23514CE-CE89-43D1-BAB2-685E49538766}" = CCC Help Hungarian
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1" = WinTools.net Premium version 13.0
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Czech
"{B2F7D09B-E3AE-8BCA-A798-C8DA98D0A9AC}" = CCC Help Norwegian
"{B376DE99-5243-D03D-B51D-4BE193EA7985}" = CCC Help Greek
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BDBAEB81-FACA-1CF6-9A74-8EB532F0012D}" = CCC Help Spanish
"{C2BE0404-9252-8657-6839-EA2B60EA3CE8}" = Catalyst Control Center Localization All
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{CB8D8129-4592-3EB9-4976-68515DC4D0C1}" = CCC Help French
"{CC757D67-711D-4459-AB6A-8835CA5BF699}" = CCC Help Chinese Traditional
"{CC9D85AF-30DB-55A0-1E00-976BFDAF04D0}" = CCC Help Russian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DC8F6F65-558C-1C57-8F08-D367F6C19988}" = CCC Help Korean
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF57F301-0416-55BA-8287-5E929615D967}" = CCC Help Polish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3CA43BE-C574-1938-E60B-E7A4486A1DAD}" = CCC Help Finnish
"{E4CD072D-13E1-5EAB-A350-76E7F8A2DD51}" = Catalyst Control Center Graphics Previews Common
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = eMachines Updater
"{EF48185C-1BE3-3EE0-22C5-EDE82A08C105}" = CCC Help Italian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26A271D-5602-CA19-6456-AEB22BEFE1EA}" = Catalyst Control Center Core Implementation
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FC635D8E-FFBA-4B2C-BE68-A37D56BDFB74}" = Catalyst Control Center - Branding
"{FDAEEEC4-E57E-D75A-E885-EE4E3BEE916B}" = CCC Help Czech
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF6BA6F7-67C8-5F93-89B7-F6679D51D869}" = Catalyst Control Center InstallProxy
"µTorrent CZ_is1" = µTorrent CZ 1.7.7 (build 8179)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aTube Catcher" = aTube Catcher
"eMachines Game Console" = eMachines Game Console
"eMachines Registration" = eMachines Registration
"eMachines Screensaver" = eMachines ScreenSaver
"eMachines Welcome Center" = Welcome Center
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Identity Card" = Identity Card
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox 22.0 (x86 cs)" = Mozilla Firefox 22.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SP_f2a323db" =
"VLC media player" = VLC media player 2.0.5
"WildTangent emachines Master Uninstall" = eMachines Games
"WinLiveSuite" = Windows Live Essentials
"WT088147" = Agatha Christie - Death on the Nile
"WT088155" = Bejeweled 2 Deluxe
"WT088159" = Build-a-lot 2
"WT088166" = Chuzzle Deluxe
"WT088175" = Diner Dash 2 Restaurant Rescue
"WT088181" = Farm Frenzy
"WT088189" = Insaniquarium Deluxe
"WT088194" = Jewel Quest Solitaire 2
"WT088203" = Plants vs. Zombies
"WT088215" = Zuma Deluxe
"WT088414" = FATE
"WT088418" = Final Drive Nitro
"WT088446" = John Deere Drive Green
"WT088450" = Penguins!
"WT088454" = Polar Bowler
"WT088458" = Polar Golfer
"WT088506" = Virtual Villagers 4 - The Tree of Life
"WT088521" = Zuma's Revenge
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"uTorrent" = µTorrent
< End of report >
Re: Prosím o kontrolu logu.
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{5FD54B10-74CE-CA8F-2033-5BB940CE9D01}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir= IE - HKLM\..\SearchScopes\{68E6EE39-C250-B958-C3E7-5982E7E77CC3}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32 File not found IE - HKU\S-1-5-18\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32 File not found IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 5r4792s46s IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/ IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0DyBtCtD0B0B0BtCyE0ByDtN0D0Tzu0CyDyEyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=789043295&ir= O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" File not found O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - Reg Error: Value error. File not found O8 - Extra context menu item: Od&eslat do aplikace OneNote - Reg Error: Value error. File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. [2013.07.20 10:45:44 | 000,559,341 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Roko68\Desktop\JRT.exe [2013.07.20 11:30:08 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2013.07.13 20:00:00 | 000,000,430 | ---- | M] () -- C:\Windows\Tasks\Registry Winner Schedule.job :reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "ApnTBMon"=- "SunJavaUpdateSched"=- :files c:\$Recycle.Bin\ C:\Program Files (x86)\AskPartnerNetwork %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu.
All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5FD54B10-74CE-CA8F-2033-5BB940CE9D01}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FD54B10-74CE-CA8F-2033-5BB940CE9D01}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{68E6EE39-C250-B958-C3E7-5982E7E77CC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68E6EE39-C250-B958-C3E7-5982E7E77CC3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ not found.
HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{41545534-0076-A76A-76A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41545534-0076-A76A-76A7-7A786E7484D7}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41545534-0076-A76A-76A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41545534-0076-A76A-76A7-7A786E7484D7}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Roko68\Desktop\JRT.exe moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\Registry Winner Schedule.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
c:\$Recycle.Bin\S-1-5-21-1516606222-288403311-1073621750-500 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-500 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1004 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1003 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@PROGRAMFILESX86@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@PROGRAMFILESX86@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@PROGRAMFILESX86@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@PROGRAMFILESX86@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\vsothumbs folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD\5\log folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@PROGRAMFILESX86@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@PROGRAMFILESX86@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@PROGRAMFILESX86@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD\5\log folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\local\stubexe\0x7F0D01C9DE62390D folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\local\stubexe folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\local folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RU8W2RP folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@PROGRAMFILESX86@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@PROGRAMFILESX86@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@PROGRAMFILESX86@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@PROGRAMFILESX86@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\vsothumbs folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD\5\log folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@PROGRAMFILESX86@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@PROGRAMFILESX86@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@PROGRAMFILESX86@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD\5\log folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\local\stubexe\0x7F0D01C9DE62390D folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\local\stubexe folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\local folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@\VSO\ConvertX\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@\VSO\ConvertX folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@\VSO\common\sounds folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@\VSO\common folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\vso glossy folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\log folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\vso glossy folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\local\stubexe\0x180BEF4B81E40522 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\local\stubexe folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\local folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\SKEL folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%SystemSystem%\CatRoot2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%SystemSystem% folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%ProgramFilesDir%\Yamicsoft\Windows 7 Manager folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%ProgramFilesDir%\Yamicsoft folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%ProgramFilesDir% folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%Local AppData% folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RI55TDW\Messenger Companion folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RI55TDW folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RHFNNX1.Patch-CORE folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RFSQ5LZ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RDCZPLR.Patch-CORE folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RCG0EQP\Kamarád_Timmy-01Timmyho_skládačka\VIDEO_TS folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RCG0EQP\Kamarád_Timmy-01Timmyho_skládačka\AUDIO_TS folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RCG0EQP\Kamarád_Timmy-01Timmyho_skládačka folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RCG0EQP folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R9RPQRJ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R90CKG1\DVD Video\Kamarád_Timmy-01Timmyho_skládačka folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R90CKG1\DVD Video folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R90CKG1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R51SC3A.Keygen-MAZE folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R4M8JQ7 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R2WVT32 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001 folder moved successfully.
c:\$Recycle.Bin folder moved successfully.
File\Folder C:\Program Files (x86)\AskPartnerNetwork not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Míša
->Temp folder emptied: 78159 bytes
->Temporary Internet Files folder emptied: 453481 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 71386539 bytes
->Flash cache emptied: 7828 bytes
User: Public
User: Roko68
->Temp folder emptied: 2788393 bytes
->Temporary Internet Files folder emptied: 3805204 bytes
->Java cache emptied: 3633753 bytes
->FireFox cache emptied: 122068150 bytes
->Flash cache emptied: 57948 bytes
User: Veronika
->Temp folder emptied: 124463 bytes
->Temporary Internet Files folder emptied: 685880 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 85407729 bytes
->Flash cache emptied: 6652 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17572 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 60876 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 277,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Míša
->Flash cache emptied: 0 bytes
User: Public
User: Roko68
->Flash cache emptied: 0 bytes
User: Veronika
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Míša
->Java cache emptied: 0 bytes
User: Public
User: Roko68
->Java cache emptied: 0 bytes
User: Veronika
->Java cache emptied: 0 bytes
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 07202013_133414
Files\Folders moved on Reboot...
C:\Users\Roko68\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Roko68\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5FD54B10-74CE-CA8F-2033-5BB940CE9D01}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FD54B10-74CE-CA8F-2033-5BB940CE9D01}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{68E6EE39-C250-B958-C3E7-5982E7E77CC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68E6EE39-C250-B958-C3E7-5982E7E77CC3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ not found.
HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1400317965-1229559708-3444131274-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{41545534-0076-A76A-76A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41545534-0076-A76A-76A7-7A786E7484D7}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1400317965-1229559708-3444131274-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41545534-0076-A76A-76A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41545534-0076-A76A-76A7-7A786E7484D7}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Roko68\Desktop\JRT.exe moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\Registry Winner Schedule.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
c:\$Recycle.Bin\S-1-5-21-1516606222-288403311-1073621750-500 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-500 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1004 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1003 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@PROGRAMFILESX86@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@PROGRAMFILESX86@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@PROGRAMFILESX86@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@PROGRAMFILESX86@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\vsothumbs folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD\5\log folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\modified folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@PROGRAMFILESX86@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@PROGRAMFILESX86@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@PROGRAMFILESX86@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD\5\log folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming\meta folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\roaming folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\local\stubexe\0x7F0D01C9DE62390D folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\local\stubexe folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG\local folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RYTBCZG folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RU8W2RP folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@PROGRAMFILESX86@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@PROGRAMFILESX86@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@PROGRAMFILESX86@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@PROGRAMFILESX86@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\vsothumbs folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD\5\log folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO\ConvertXtoDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\modified folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@PROGRAMFILESX86@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@PROGRAMFILESX86@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@PROGRAMFILESX86@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter\1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\VSO Video Converter folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD\5\log folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO\ConvertXtoDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming\meta folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\roaming folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\local\stubexe\0x7F0D01C9DE62390D folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\local\stubexe folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN\local folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RRT00QN folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@\VSO\ConvertX\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@\VSO\ConvertX folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@\VSO\common\sounds folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@\VSO\common folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@PROGRAMFILESX86@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\vso glossy folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5\log folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO\ConvertXToDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\modified folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\vso glossy folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\thriller folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\no menu folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\minimal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\imagewall folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\default folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\cx2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\classic folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates\black mirror folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5\Templates folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD\5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO\ConvertXToDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@\VSO folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta\@APPDATACOMMON@ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming\meta folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\roaming folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\local\stubexe\0x180BEF4B81E40522 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\local\stubexe folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD\local folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45\ConvertXToDVD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMYN3L2.45 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\SKEL folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%SystemSystem%\CatRoot2 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%SystemSystem% folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%ProgramFilesDir%\Yamicsoft\Windows 7 Manager folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%ProgramFilesDir%\Yamicsoft folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%ProgramFilesDir% folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager\%Local AppData% folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y\Windows 7 Manager folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RMPQQ2Y folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RI55TDW\Messenger Companion folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RI55TDW folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RHFNNX1.Patch-CORE folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RFSQ5LZ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RDCZPLR.Patch-CORE folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RCG0EQP\Kamarád_Timmy-01Timmyho_skládačka\VIDEO_TS folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RCG0EQP\Kamarád_Timmy-01Timmyho_skládačka\AUDIO_TS folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RCG0EQP\Kamarád_Timmy-01Timmyho_skládačka folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$RCG0EQP folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R9RPQRJ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R90CKG1\DVD Video\Kamarád_Timmy-01Timmyho_skládačka folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R90CKG1\DVD Video folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R90CKG1 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R51SC3A.Keygen-MAZE folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R4M8JQ7 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001\$R2WVT32 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-1400317965-1229559708-3444131274-1001 folder moved successfully.
c:\$Recycle.Bin folder moved successfully.
File\Folder C:\Program Files (x86)\AskPartnerNetwork not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Míša
->Temp folder emptied: 78159 bytes
->Temporary Internet Files folder emptied: 453481 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 71386539 bytes
->Flash cache emptied: 7828 bytes
User: Public
User: Roko68
->Temp folder emptied: 2788393 bytes
->Temporary Internet Files folder emptied: 3805204 bytes
->Java cache emptied: 3633753 bytes
->FireFox cache emptied: 122068150 bytes
->Flash cache emptied: 57948 bytes
User: Veronika
->Temp folder emptied: 124463 bytes
->Temporary Internet Files folder emptied: 685880 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 85407729 bytes
->Flash cache emptied: 6652 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17572 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 60876 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 277,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Míša
->Flash cache emptied: 0 bytes
User: Public
User: Roko68
->Flash cache emptied: 0 bytes
User: Veronika
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Míša
->Java cache emptied: 0 bytes
User: Public
User: Roko68
->Java cache emptied: 0 bytes
User: Veronika
->Java cache emptied: 0 bytes
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 07202013_133414
Files\Folders moved on Reboot...
C:\Users\Roko68\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Roko68\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Prosím o kontrolu logu.
OTL udelalo co melo, jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu.
vše ok moc děkuji za pomoc 
Re: Prosím o kontrolu logu.
Tak jeste uklidime 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?
