Zpomalení PC

Zpráva

ŠtěpánkaP · #1 Příspěvek od **ŠtěpánkaP** » 28 črc 2013 06:34

Dobrý den,

počítač měl měsíc ve správě rodinný příslušník a po jeho "navrácení" zpět mě došlo k výraznému zpomalení systému. Můžete na to mrknout, jestli tam něco není?

Děkuji.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Shaim at 2013-07-28 07:32:02
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 130 GB (25%) free of 512 GB
Total RAM: 8153 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:32:07, on 28.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe
C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files (x86)\Razer\Razer Lycosa\razerhid.exe
C:\Program Files\Ext2Fsd\Ext2Mgr.exe
C:\Program Files (x86)\Razer\Boomslang\razerhid.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe
C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe
C:\Program Files (x86)\VirtuaWin\modules\WinList.exe
C:\Program Files (x86)\Razer\Razer Lycosa\razertra.exe
C:\Windows\SysWOW64\qttask.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Razer\Boomslang\razertra.exe
C:\Program Files (x86)\Razer\Boomslang\razerofa.exe
C:\Program Files\trend micro\Shaim.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Windows\SysWOW64\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Shaim_VirtuaWin] "C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe"
O4 - HKCU\..\Run: [Shaim_Vidalia] "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [Shaim_Lycosa] "C:\Program Files (x86)\Razer\Razer Lycosa\razerhid.exe"
O4 - HKCU\..\Run: [Shaim_Ext2 Volume Manager] C:\Program Files\Ext2Fsd\Ext2Mgr.exe -quiet
O4 - HKCU\..\Run: [Shaim_Boomslang] C:\Program Files (x86)\Razer\Boomslang\razerhid.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Shaim\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O17 - HKLM\System\CCS\Services\Tcpip\..\{25F2BCE8-5A55-4A72-8613-674A73854030}: NameServer = 192.168.1.254,8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0393E36-D68D-444C-B7BF-C3CA24E90B59}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{25F2BCE8-5A55-4A72-8613-674A73854030}: NameServer = 192.168.1.254,8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{25F2BCE8-5A55-4A72-8613-674A73854030}: NameServer = 192.168.1.254,8.8.8.8,8.8.4.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel® Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 6248 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x31c
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
taskeng.exe {3FFCC635-E1EA-4E9F-A0DD-753B844C4C97}
taskeng.exe {23D9D4B0-81FB-4D80-882D-AB466909E941}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\PCMeter\PCMeterV0.3.exe"
"C:\Program Files\Core Temp\Core Temp.exe"
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe"
"C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe"
"C:\Program Files (x86)\Razer\Razer Lycosa\razerhid.exe"
"C:\Program Files\Ext2Fsd\Ext2Mgr.exe" -quiet
"C:\Program Files (x86)\Razer\Boomslang\razerhid.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe" -f C:\Users\Shaim\AppData\Local\Vidalia\torrc ControlPort 9051 __OwningControllerProcess 3296 HashedControlPassword 16:64C9A94CEA248F5A60479D5872CD50F59B5AA66F627C603E7AE162BA4C
\??\C:\Windows\system32\conhost.exe "-440601186-1926100306-8500612493635263201711456791-720012693-13621819021195534536
"C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe" -c "C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.conf"
\??\C:\Windows\system32\conhost.exe "991908125-1640579416-21071035321286451601-2737118351696393103-734433269-1742685735
"C:\Program Files (x86)\VirtuaWin\modules\WinList.exe" -module
"C:\Program Files (x86)\Razer\Razer Lycosa\razertra.exe"
"C:\Windows\SysWOW64\qttask.exe" -atboottime
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Razer\Boomslang\razertra.exe"
"C:\Program Files (x86)\Razer\Boomslang\razerofa.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1270796135-2931976614-705505444-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1270796135-2931976614-705505444-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files\Rsit\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce7f5b672ff3e9.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001UA1ce7f2ed09c7ca3.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:blank"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027]
"Description"=RealMedia Plugin
"Path"=C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040]
"Description"=6.0.12.1040
"Path"=C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npjp2.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
nppdf32.JPN
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprpjplug.dll
QuickTimePlugin.class

C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\
cs@dictionaries.addons.mozilla.org
info@djzig.com
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}

C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\searchplugins\
ebay.xml
facebook.xml
google-cz.xml
php.xml
uloto.xml
whois.xml
youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 6669000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-03-21 6330568]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Shaim_VirtuaWin"=C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe [2010-09-04 135680]
"Shaim_Vidalia"=C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe [2012-07-28 6172985]
"Shaim_Lycosa"=C:\Program Files (x86)\Razer\Razer Lycosa\razerhid.exe [2011-03-21 233984]
"Shaim_Ext2 Volume Manager"=C:\Program Files\Ext2Fsd\Ext2Mgr.exe [2011-02-05 1211536]
"Shaim_Boomslang"=C:\Program Files (x86)\Razer\Boomslang\razerhid.exe [2009-11-23 147456]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2013-06-06 19676256]
"Google Update"=C:\Users\Shaim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-30 116648]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Shaim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-30 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Windows\SysWOW64\qttask.exe [2012-09-27 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seagate Scheduler2 Service]
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [2011-06-30 395152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TortoiseHgOverlayIconServer]
[]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656]
"QuickTime Task"=C:\Windows\SysWOW64\qttask.exe [2012-09-27 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 6669000]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableInstallerDetection"=0
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"EnableVirtualization"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0
"EnableLinkedConnections"=1
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoInstrumentation"=1
"NoDrives"=0
"NoWindowsUpdate"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux1"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux4"=wdmaud.drv
"aux5"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"aux6"=wdmaud.drv
"aux8"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"aux7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2013-07-28 07:32:02 ----D---- C:\rsit
2013-07-28 07:27:46 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-07-28 07:22:28 ----A---- C:\Program Files (x86)\FAP7C5C.tmp
2013-07-28 07:22:28 ----A---- C:\Program Files (x86)\FAP7C2C.tmp
2013-07-28 07:22:28 ----A---- C:\Program Files (x86)\FAP7BEB.tmp
2013-07-28 07:22:05 ----A---- C:\Program Files (x86)\FAP20DF.tmp
2013-07-28 07:22:05 ----A---- C:\Program Files (x86)\FAP20AE.tmp
2013-07-28 07:22:05 ----A---- C:\Program Files (x86)\FAP206D.tmp
2013-07-28 07:22:03 ----A---- C:\Program Files (x86)\FAP1A05.tmp
2013-07-28 07:22:03 ----A---- C:\Program Files (x86)\FAP19D5.tmp
2013-07-28 07:22:03 ----A---- C:\Program Files (x86)\FAP19A4.tmp
2013-07-28 07:22:02 ----A---- C:\Program Files (x86)\FAP15AC.tmp
2013-07-28 07:22:02 ----A---- C:\Program Files (x86)\FAP156B.tmp
2013-07-28 07:22:02 ----A---- C:\Program Files (x86)\FAP153B.tmp
2013-07-28 07:21:58 ----A---- C:\Program Files (x86)\FAP6C7.tmp
2013-07-28 07:21:58 ----A---- C:\Program Files (x86)\FAP6A6.tmp
2013-07-28 07:21:58 ----A---- C:\Program Files (x86)\FAP685.tmp
2013-07-28 07:21:43 ----A---- C:\Program Files (x86)\FAPC9A3.tmp
2013-07-28 07:21:43 ----A---- C:\Program Files (x86)\FAPC981.tmp
2013-07-28 07:21:43 ----A---- C:\Program Files (x86)\FAPC960.tmp
2013-07-28 07:21:02 ----A---- C:\Program Files (x86)\FAP2AEE.tmp
2013-07-28 07:21:02 ----A---- C:\Program Files (x86)\FAP2ACD.tmp
2013-07-28 07:21:02 ----A---- C:\Program Files (x86)\FAP2AAB.tmp
2013-07-28 07:20:50 ----A---- C:\Program Files (x86)\FAPFBBD.tmp
2013-07-28 07:20:50 ----A---- C:\Program Files (x86)\FAPFB9C.tmp
2013-07-28 07:20:50 ----A---- C:\Program Files (x86)\FAPFB7B.tmp
2013-07-28 07:20:44 ----A---- C:\Program Files (x86)\FAPE386.tmp
2013-07-28 07:20:44 ----A---- C:\Program Files (x86)\FAPE355.tmp
2013-07-28 07:20:44 ----A---- C:\Program Files (x86)\FAPE334.tmp
2013-07-28 07:20:37 ----A---- C:\Program Files (x86)\FAPCB01.tmp
2013-07-28 07:20:37 ----A---- C:\Program Files (x86)\FAPCAE0.tmp
2013-07-28 07:20:37 ----A---- C:\Program Files (x86)\FAPCABF.tmp
2013-07-28 07:20:14 ----A---- C:\Program Files (x86)\FAP6E1C.tmp
2013-07-28 07:20:14 ----A---- C:\Program Files (x86)\FAP6DEC.tmp
2013-07-28 07:20:14 ----A---- C:\Program Files (x86)\FAP6DBB.tmp
2013-07-28 07:19:22 ----A---- C:\Program Files (x86)\FAPA607.tmp
2013-07-28 07:19:22 ----A---- C:\Program Files (x86)\FAPA5E6.tmp
2013-07-28 07:19:22 ----A---- C:\Program Files (x86)\FAPA5B5.tmp
2013-07-28 07:18:55 ----A---- C:\Program Files (x86)\FAP3999.tmp
2013-07-28 07:18:55 ----A---- C:\Program Files (x86)\FAP3987.tmp
2013-07-28 07:18:55 ----A---- C:\Program Files (x86)\FAP3966.tmp
2013-07-28 07:18:40 ----A---- C:\Program Files (x86)\FAPFFE9.tmp
2013-07-28 07:18:40 ----A---- C:\Program Files (x86)\FAPA.tmp
2013-07-28 07:18:40 ----A---- C:\Program Files (x86)\FAP2B.tmp
2013-07-28 07:17:39 ----A---- C:\Program Files (x86)\FAP11F1.tmp
2013-07-28 07:17:39 ----A---- C:\Program Files (x86)\FAP11C0.tmp
2013-07-28 07:17:39 ----A---- C:\Program Files (x86)\FAP118F.tmp
2013-07-28 07:17:02 ----A---- C:\Program Files (x86)\FAP8343.tmp
2013-07-28 07:17:02 ----A---- C:\Program Files (x86)\FAP8302.tmp
2013-07-28 07:17:02 ----A---- C:\Program Files (x86)\FAP82C2.tmp
2013-07-28 07:16:31 ----A---- C:\Program Files (x86)\FAP6DD.tmp
2013-07-28 07:16:31 ----A---- C:\Program Files (x86)\FAP6BC.tmp
2013-07-28 07:16:31 ----A---- C:\Program Files (x86)\FAP69B.tmp
2013-07-28 07:16:01 ----A---- C:\Program Files (x86)\FAP914A.tmp
2013-07-28 07:16:01 ----A---- C:\Program Files (x86)\FAP911A.tmp
2013-07-28 07:16:00 ----A---- C:\Program Files (x86)\FAP90E9.tmp
2013-07-28 07:14:53 ----A---- C:\Program Files (x86)\FAP88CC.tmp
2013-07-28 07:14:53 ----A---- C:\Program Files (x86)\FAP889B.tmp
2013-07-28 07:14:53 ----A---- C:\Program Files (x86)\FAP885B.tmp
2013-07-28 07:14:21 ----A---- C:\Program Files (x86)\FAPC09.tmp
2013-07-28 07:14:21 ----A---- C:\Program Files (x86)\FAPBE7.tmp
2013-07-28 07:14:21 ----A---- C:\Program Files (x86)\FAPBC6.tmp
2013-07-28 07:14:12 ----A---- C:\Program Files (x86)\FAPE89B.tmp
2013-07-28 07:14:12 ----A---- C:\Program Files (x86)\FAPE87A.tmp
2013-07-28 07:14:12 ----A---- C:\Program Files (x86)\FAPE858.tmp
2013-07-28 07:13:37 ----A---- C:\Program Files (x86)\FAP619B.tmp
2013-07-28 07:13:37 ----A---- C:\Program Files (x86)\FAP616A.tmp
2013-07-28 07:13:37 ----A---- C:\Program Files (x86)\FAP6149.tmp
2013-07-28 07:13:31 ----A---- C:\Program Files (x86)\FAP48D7.tmp
2013-07-28 07:13:31 ----A---- C:\Program Files (x86)\FAP48B6.tmp
2013-07-28 07:13:31 ----A---- C:\Program Files (x86)\FAP4885.tmp
2013-07-28 07:13:17 ----A---- C:\Program Files (x86)\FAP12F3.tmp
2013-07-28 07:13:17 ----A---- C:\Program Files (x86)\FAP12C2.tmp
2013-07-28 07:13:17 ----A---- C:\Program Files (x86)\FAP12A1.tmp
2013-07-28 07:13:01 ----A---- C:\Program Files (x86)\FAPD2E1.tmp
2013-07-28 07:13:01 ----A---- C:\Program Files (x86)\FAPD2B0.tmp
2013-07-28 07:13:01 ----A---- C:\Program Files (x86)\FAPD270.tmp
2013-07-28 07:12:59 ----A---- C:\Program Files (x86)\FAPCCA4.tmp
2013-07-28 07:12:59 ----A---- C:\Program Files (x86)\FAPCC82.tmp
2013-07-28 07:12:59 ----A---- C:\Program Files (x86)\FAPCC52.tmp
2013-07-28 07:12:58 ----A---- C:\Program Files (x86)\FAPC982.tmp
2013-07-28 07:12:58 ----A---- C:\Program Files (x86)\FAPC951.tmp
2013-07-28 07:12:58 ----A---- C:\Program Files (x86)\FAPC920.tmp
2013-07-28 07:12:49 ----A---- C:\Program Files (x86)\FAPA653.tmp
2013-07-28 07:12:49 ----A---- C:\Program Files (x86)\FAPA622.tmp
2013-07-28 07:12:49 ----A---- C:\Program Files (x86)\FAPA5F1.tmp
2013-07-28 07:12:46 ----A---- C:\Program Files (x86)\FAP9923.tmp
2013-07-28 07:12:46 ----A---- C:\Program Files (x86)\FAP98E3.tmp
2013-07-28 07:12:46 ----A---- C:\Program Files (x86)\FAP98C2.tmp
2013-07-28 07:12:24 ----A---- C:\Program Files (x86)\FAP43DD.tmp
2013-07-28 07:12:24 ----A---- C:\Program Files (x86)\FAP43BB.tmp
2013-07-28 07:12:24 ----A---- C:\Program Files (x86)\FAP439A.tmp
2013-07-28 07:12:20 ----A---- C:\Program Files (x86)\FAP34BA.tmp
2013-07-28 07:12:20 ----A---- C:\Program Files (x86)\FAP3489.tmp
2013-07-28 07:12:20 ----A---- C:\Program Files (x86)\FAP3439.tmp
2013-07-28 07:12:02 ----A---- C:\Program Files (x86)\FAPEE90.tmp
2013-07-28 07:12:02 ----A---- C:\Program Files (x86)\FAPEE50.tmp
2013-07-28 07:12:02 ----A---- C:\Program Files (x86)\FAPEE2E.tmp
2013-07-28 07:11:56 ----A---- C:\Program Files (x86)\FAPD5EC.tmp
2013-07-28 07:11:56 ----A---- C:\Program Files (x86)\FAPD5CA.tmp
2013-07-28 07:11:56 ----A---- C:\Program Files (x86)\FAPD5A9.tmp
2013-07-28 07:11:41 ----A---- C:\Program Files (x86)\FAP9C7E.tmp
2013-07-28 07:11:41 ----A---- C:\Program Files (x86)\FAP9C3E.tmp
2013-07-28 07:11:41 ----A---- C:\Program Files (x86)\FAP9C0D.tmp
2013-07-28 07:11:37 ----A---- C:\Program Files (x86)\FAP8D5B.tmp
2013-07-28 07:11:37 ----A---- C:\Program Files (x86)\FAP8D3A.tmp
2013-07-28 07:11:37 ----A---- C:\Program Files (x86)\FAP8D09.tmp
2013-07-28 07:11:00 ----A---- C:\Program Files (x86)\FAPF960.tmp
2013-07-28 07:11:00 ----A---- C:\Program Files (x86)\FAPF93F.tmp
2013-07-28 07:11:00 ----A---- C:\Program Files (x86)\FAPF90E.tmp
2013-07-28 07:10:44 ----A---- C:\Program Files (x86)\FAPBC0D.tmp
2013-07-28 07:10:44 ----A---- C:\Program Files (x86)\FAPBBDC.tmp
2013-07-28 07:10:44 ----A---- C:\Program Files (x86)\FAPBB9C.tmp
2013-07-28 07:10:32 ----A---- C:\Program Files (x86)\FAP8BC3.tmp
2013-07-28 07:10:32 ----A---- C:\Program Files (x86)\FAP8B93.tmp
2013-07-28 07:10:31 ----A---- C:\Program Files (x86)\FAP8B52.tmp
2013-07-28 07:09:41 ----A---- C:\Program Files (x86)\FAPC68C.tmp
2013-07-28 07:09:41 ----A---- C:\Program Files (x86)\FAPC67A.tmp
2013-07-28 07:09:41 ----A---- C:\Program Files (x86)\FAPC649.tmp
2013-07-28 07:09:33 ----A---- C:\Program Files (x86)\FAPA84C.tmp
2013-07-28 07:09:33 ----A---- C:\Program Files (x86)\FAPA82B.tmp
2013-07-28 07:09:33 ----A---- C:\Program Files (x86)\FAPA809.tmp
2013-07-28 07:09:27 ----A---- C:\Program Files (x86)\FAP8E8F.tmp
2013-07-28 07:09:27 ----A---- C:\Program Files (x86)\FAP8E6D.tmp
2013-07-28 07:09:27 ----A---- C:\Program Files (x86)\FAP8E3D.tmp
2013-07-28 07:08:52 ----A---- C:\Program Files (x86)\FAP5F9.tmp
2013-07-28 07:08:52 ----A---- C:\Program Files (x86)\FAP5D8.tmp
2013-07-28 07:08:52 ----A---- C:\Program Files (x86)\FAP5B6.tmp
2013-07-28 07:08:26 ----A---- C:\Program Files (x86)\FAP9FB2.tmp
2013-07-28 07:08:26 ----A---- C:\Program Files (x86)\FAP9F81.tmp
2013-07-28 07:08:26 ----A---- C:\Program Files (x86)\FAP9F50.tmp
2013-07-28 07:07:39 ----A---- C:\Program Files (x86)\FAPEA23.tmp
2013-07-28 07:07:39 ----A---- C:\Program Files (x86)\FAPE9F2.tmp
2013-07-28 07:07:39 ----A---- C:\Program Files (x86)\FAPE9D1.tmp
2013-07-28 07:07:32 ----A---- C:\Program Files (x86)\FAPCDF6.tmp
2013-07-28 07:07:32 ----A---- C:\Program Files (x86)\FAPCDD5.tmp
2013-07-28 07:07:32 ----A---- C:\Program Files (x86)\FAPCDA4.tmp
2013-07-28 07:07:31 ----A---- C:\Program Files (x86)\FAPCA19.tmp
2013-07-28 07:07:31 ----A---- C:\Program Files (x86)\FAPC9E8.tmp
2013-07-28 07:07:31 ----A---- C:\Program Files (x86)\FAPC9B7.tmp
2013-07-28 07:07:29 ----A---- C:\Program Files (x86)\FAPC0B1.tmp
2013-07-28 07:07:29 ----A---- C:\Program Files (x86)\FAPC080.tmp
2013-07-28 07:07:28 ----A---- C:\Program Files (x86)\FAPC03F.tmp
2013-07-28 07:07:21 ----A---- C:\Program Files (x86)\FAPA3F7.tmp
2013-07-28 07:07:21 ----A---- C:\Program Files (x86)\FAPA3D6.tmp
2013-07-28 07:07:21 ----A---- C:\Program Files (x86)\FAPA3B5.tmp
2013-07-28 07:07:06 ----A---- C:\Program Files (x86)\FAP6A0D.tmp
2013-07-28 07:07:06 ----A---- C:\Program Files (x86)\FAP69DC.tmp
2013-07-28 07:07:06 ----A---- C:\Program Files (x86)\FAP699C.tmp
2013-07-28 07:06:38 ----A---- C:\Program Files (x86)\FAPFAE0.tmp
2013-07-28 07:06:38 ----A---- C:\Program Files (x86)\FAPFABF.tmp
2013-07-28 07:06:38 ----A---- C:\Program Files (x86)\FAPFA9E.tmp
2013-07-28 07:06:29 ----A---- C:\Program Files (x86)\FAPD80F.tmp
2013-07-28 07:06:29 ----A---- C:\Program Files (x86)\FAPD7FD.tmp
2013-07-28 07:06:29 ----A---- C:\Program Files (x86)\FAPD7DC.tmp
2013-07-28 07:06:27 ----A---- C:\Program Files (x86)\FAPD0F7.tmp
2013-07-28 07:06:27 ----A---- C:\Program Files (x86)\FAPD0D6.tmp
2013-07-28 07:06:27 ----A---- C:\Program Files (x86)\FAPD0B5.tmp
2013-07-28 07:06:19 ----A---- C:\Program Files (x86)\FAPB131.tmp
2013-07-28 07:06:19 ----A---- C:\Program Files (x86)\FAPB101.tmp
2013-07-28 07:06:19 ----A---- C:\Program Files (x86)\FAPB0D0.tmp
2013-07-28 07:05:58 ----A---- C:\Program Files (x86)\FAP5F83.tmp
2013-07-28 07:05:58 ----A---- C:\Program Files (x86)\FAP5F52.tmp
2013-07-28 07:05:58 ----A---- C:\Program Files (x86)\FAP5F22.tmp
2013-07-28 07:05:25 ----A---- C:\Program Files (x86)\FAPDDC1.tmp
2013-07-28 07:05:25 ----A---- C:\Program Files (x86)\FAPDD9F.tmp
2013-07-28 07:05:25 ----A---- C:\Program Files (x86)\FAPDD7E.tmp
2013-07-28 07:05:24 ----A---- C:\Program Files (x86)\FAPD977.tmp
2013-07-28 07:05:24 ----A---- C:\Program Files (x86)\FAPD946.tmp
2013-07-28 07:05:24 ----A---- C:\Program Files (x86)\FAPD8F6.tmp
2013-07-28 07:05:06 ----A---- C:\Program Files (x86)\FAP9198.tmp
2013-07-28 07:05:05 ----A---- C:\Program Files (x86)\FAP9177.tmp
2013-07-28 07:05:05 ----A---- C:\Program Files (x86)\FAP9156.tmp
2013-07-28 07:04:44 ----A---- C:\Program Files (x86)\FAP3DF7.tmp
2013-07-28 07:04:44 ----A---- C:\Program Files (x86)\FAP3D2A.tmp
2013-07-28 07:04:44 ----A---- C:\Program Files (x86)\FAP3CF9.tmp
2013-07-28 07:04:36 ----A---- C:\Program Files (x86)\FAP1FA8.tmp
2013-07-28 07:04:36 ----A---- C:\Program Files (x86)\FAP1F67.tmp
2013-07-28 07:04:36 ----A---- C:\Program Files (x86)\FAP1F27.tmp
2013-07-28 07:04:30 ----A---- C:\Program Files (x86)\FAP770.tmp
2013-07-28 07:04:30 ----A---- C:\Program Files (x86)\FAP740.tmp
2013-07-28 07:04:30 ----A---- C:\Program Files (x86)\FAP71E.tmp
2013-07-28 07:04:16 ----A---- C:\Program Files (x86)\FAPD1DA.tmp
2013-07-28 07:04:16 ----A---- C:\Program Files (x86)\FAPD1A9.tmp
2013-07-28 07:04:16 ----A---- C:\Program Files (x86)\FAPD178.tmp
2013-07-28 07:04:09 ----A---- C:\Program Files (x86)\FAPB649.tmp
2013-07-28 07:04:09 ----A---- C:\Program Files (x86)\FAPB618.tmp
2013-07-28 07:04:09 ----A---- C:\Program Files (x86)\FAPB5D7.tmp
2013-07-28 07:01:36 ----A---- C:\Program Files (x86)\FAP5D4A.tmp
2013-07-28 07:01:36 ----A---- C:\Program Files (x86)\FAP5D29.tmp
2013-07-28 07:01:35 ----A---- C:\Program Files (x86)\FAP5D08.tmp
2013-07-28 06:48:43 ----D---- C:\Program Files\Rsit
2013-07-27 18:20:54 ----D---- C:\Windows\system32\MRT
2013-07-27 17:36:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-27 17:36:31 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-27 17:36:31 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-27 17:36:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-27 17:36:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-27 17:36:31 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-27 17:36:31 ----A---- C:\Windows\system32\ieui.dll
2013-07-27 17:36:31 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-27 17:36:31 ----A---- C:\Windows\system32\iesetup.dll
2013-07-27 17:36:31 ----A---- C:\Windows\system32\iernonce.dll
2013-07-27 17:36:31 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-27 17:36:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-27 17:36:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-27 17:36:30 ----A---- C:\Windows\system32\iertutil.dll
2013-07-27 17:36:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-27 17:36:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-27 17:36:29 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-27 17:36:29 ----A---- C:\Windows\system32\jscript9.dll
2013-07-27 17:36:29 ----A---- C:\Windows\system32\jscript.dll
2013-07-27 17:36:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-27 17:36:28 ----A---- C:\Windows\system32\urlmon.dll
2013-07-27 17:36:27 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-27 17:36:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-27 17:36:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-27 17:36:26 ----A---- C:\Windows\system32\wininet.dll
2013-07-27 17:36:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-27 17:36:25 ----A---- C:\Windows\system32\ieframe.dll
2013-07-27 17:36:24 ----A---- C:\Windows\system32\mshtml.dll
2013-07-27 17:36:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-11 17:21:34 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-11 17:21:34 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-11 17:21:34 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-11 17:21:34 ----A---- C:\Windows\system32\qedit.dll
2013-07-11 17:21:12 ----A---- C:\Windows\system32\win32k.sys
2013-07-11 17:20:47 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-11 17:20:47 ----A---- C:\Windows\system32\DWrite.dll

======List of files/folders modified in the last 1 month======

2013-07-28 07:32:08 ----D---- C:\Windows\temp
2013-07-28 07:32:03 ----D---- C:\Program Files\trend micro
2013-07-28 07:31:09 ----D---- C:\Users\Shaim\AppData\Roaming\tor
2013-07-28 07:29:16 ----D---- C:\Windows\system32\catroot2
2013-07-28 07:28:01 ----AD---- C:\Windows
2013-07-28 07:27:46 ----D---- C:\Windows\System32
2013-07-28 07:27:00 ----D---- C:\Windows\system32\config
2013-07-28 07:26:09 ----D---- C:\Users\Shaim\AppData\Roaming\vlc
2013-07-28 07:23:44 ----RD---- C:\Program Files (x86)
2013-07-28 07:04:20 ----RD---- C:\Program Files
2013-07-28 06:56:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-28 06:55:59 ----D---- C:\Windows\system32\drivers\etc
2013-07-28 06:52:20 ----D---- C:\Windows\inf
2013-07-28 06:50:46 ----D---- C:\Users\Shaim\AppData\Roaming\LolClient
2013-07-28 06:50:46 ----D---- C:\ProgramData\PMB Files
2013-07-28 06:49:42 ----SHD---- C:\Windows\Installer
2013-07-28 06:49:38 ----SHD---- C:\Config.Msi
2013-07-28 06:49:22 ----D---- C:\Windows\system32\drivers
2013-07-28 06:49:21 ----D---- C:\Users\Shaim\AppData\Roaming\Winamp
2013-07-28 06:49:21 ----D---- C:\Users\Shaim\AppData\Roaming\uTorrent
2013-07-28 06:49:20 ----D---- C:\Program Files (x86)\JDownloader
2013-07-28 06:48:09 ----D---- C:\Windows\system32\LogFiles
2013-07-28 06:47:58 ----D---- C:\Windows\Panther
2013-07-28 06:47:49 ----D---- C:\Windows\debug
2013-07-28 06:45:51 ----D---- C:\Program Files (x86)\Opera
2013-07-28 06:44:26 ----D---- C:\Program Files (x86)\HiJackThis
2013-07-28 06:40:52 ----D---- C:\Windows\Microsoft.NET
2013-07-28 06:40:41 ----RSD---- C:\Windows\assembly
2013-07-28 06:36:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-28 06:32:23 ----D---- C:\Windows\winsxs
2013-07-28 06:30:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-07-28 06:30:04 ----D---- C:\Windows\SysWOW64
2013-07-28 06:30:04 ----D---- C:\Windows\system32\cs-CZ
2013-07-27 18:32:25 ----SHD---- C:\System Volume Information
2013-07-27 18:04:05 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-27 18:04:03 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-27 18:02:32 ----D---- C:\Program Files\Windows Defender
2013-07-27 18:02:32 ----D---- C:\Program Files\Internet Explorer
2013-07-27 18:02:32 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-27 18:02:32 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-27 17:56:56 ----D---- C:\ProgramData\Microsoft Help
2013-07-27 17:47:12 ----SD---- C:\ProgramData\Microsoft
2013-07-27 17:36:46 ----D---- C:\Windows\system32\catroot
2013-07-27 16:58:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-27 16:43:30 ----D---- C:\Program Files\CCleaner
2013-07-27 16:38:18 ----AD---- C:\ProgramData\TEMP
2013-07-27 16:36:21 ----D---- C:\Program Files (x86)\SpywareBlaster
2013-07-26 20:06:54 ----D---- C:\Program Files (x86)\QIP Infium
2013-07-13 01:56:21 ----D---- C:\Windows\system32\Tasks
2013-07-13 01:56:19 ----D---- C:\Windows\Tasks
2013-07-05 18:29:27 ----D---- C:\Program Files (x86)\World of Warcraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-02-14 58416]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2012-10-20 155272]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-06-12 568640]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2012-09-01 647736]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2012-09-01 28216]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-10-21 275552]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2012-10-20 1340040]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2012-10-20 1093256]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-10-21 971360]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2012-10-21 210016]
R0 vidsflt53;Acronis Disk Storage Filter (53); C:\Windows\system32\DRIVERS\vsflt53.sys [2012-10-21 141920]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2012-10-25 22680]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-14 213416]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 150616]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-01-10 59440]
R1 Ext2Fsd;Linux ext2 file system driver; C:\Windows\system32\drivers\Ext2Fsd.sys [2011-07-09 769816]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-01-10 190232]
R3 ALSysIO;ALSysIO; \??\C:\Users\Shaim\AppData\Local\Temp\ALSysIO64.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29 11658752]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-29 581120]
R3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]
R3 boomslangFltr;Razer Boomslang CE; C:\Windows\system32\drivers\boomslang.sys [2009-10-22 13824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-05-22 4052496]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-07-19 110744]
R3 Lycosa;Lycosa Keyboard; C:\Windows\system32\drivers\Lycosa.sys [2010-09-08 28928]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-08-06 62784]
R3 VKbms;Virtual HID Minidriver; C:\Windows\system32\DRIVERS\VKbms.sys [2010-10-01 13312]
R3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Users\Shaim\AppData\Local\Temp\tmp317B.tmp []
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2012-10-20 367200]
S3 ampa;ampa; \??\C:\Windows\system32\ampa.sys [2011-12-26 15288]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-08-29 28008]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2013-01-02 25640]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2011-07-29 8456]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-07-27 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2012-11-17 30528]
S3 HPKBx64;HP Keyboard Smart Card Driver; C:\Windows\system32\DRIVERS\HPKBx64.sys [2012-03-06 57728]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-09-25 36928]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-06-11 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-06-11 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-06-11 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-21 32768]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S4 RsFx0105;RsFx0105 Driver; C:\Windows\system32\DRIVERS\RsFx0105.sys [2011-09-22 311144]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-03-29 241152]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-03-21 1341664]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07 116648]
S2 IAStorDataMgrSvc;Úložná technologie Intel® Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-01 14904]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-27 257416]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 50921648]
S3 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2011-09-22 58345832]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2011-09-22 154984]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 CscService;Offline soubory; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2011-09-22 255336]
S4 W3SVC;Služba Publikování na webu; C:\Windows\system32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 28 črc 2013 06:35

Zdravim

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna. A tez se zrovna zeptam na ESET NOD32, na ten mate zakoupenou licenci?

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

ŠtěpánkaP · #3 Příspěvek od **ŠtěpánkaP** » 28 črc 2013 10:45

Dobrý den,

já tomu bohužel nerozumím. Ale před pár dny jsem objevila toto fórum a tak jsme se rozhodli tímto způsobem prověřit všechny počítače, co máme v rodině, protože jsme na techniku antitalenti...

Zde je ten další log, co jste chtěl.

Moc děkuji.

info.txt logfile of random's system information tool 1.09 2013-07-28 07:32:10

======Uninstall list======

@BIOS-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\setup.exe" -l0x9 -removeonly
-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\setup.exe" /Action=RemovePatch /AllInstances
-->C:\Program Files (x86)\AOMEI Partition Assistant Home Edition 5.1\unins000.exe
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Actual Search & Replace Version 2.8.7-->"C:\Program Files (x86)\Actual Search & Replace\unins000.exe"
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe -maintain plugin
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader XI (11.0.03) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AB0000000001}
AIDA64 Extreme Edition v2.80-->"C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\unins000.exe"
AMD Accelerated Video Transcoding-->MsiExec.exe /X{5B73E1AA-CA9D-E76A-2F2D-E0EFB41CE087}
AMD Catalyst Install Manager-->msiexec /q/x{C8807716-1F6F-5C43-3C32-7295A45CF060} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{B01875AA-1BD4-5B9F-D2B9-23D909F4280B}
AMD Media Foundation Decoders-->MsiExec.exe /X{55B348BE-A3BE-9AE7-58BD-BE45B9A28F82}
Any Video Converter Ultimate 4.5.7-->"C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\unins000.exe"
AOMEI Partition Assistant Home Edition 5.1-->"C:\Program Files (x86)\AOMEI Partition Assistant Home Edition 5.1\unins000.exe"
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -removeonly
Audacity 2.0-->"C:\Program Files (x86)\Audacity\unins000.exe"
AutoHotkey 1.1.09.04-->"C:\Program Files\AutoHotkey\AutoHotkey.exe" "C:\Program Files\AutoHotkey\Installer.ahk"
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)-->C:\PROGRA~1\DIFX\F4092DA208C2C970\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfdx6_95B9C4C4739674B910F22E6D0FB93B9D8DD7E72A\pccsmcfdx64.inf
Bullzip PDF Printer 8.2.0.1406-->"C:\Program Files\Bullzip\PDF Printer\unins000.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Core Temp version 0.99.7-->"C:\Program Files\Core Temp\unins000.exe"
Crysis®3-->"C:\Program Files (x86)\Common Files\EAInstaller\Crysis 3\Cleanup.exe" uninstall_game -autologging
Crystal Reports for Visual Studio-->MsiExec.exe /I{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{FEE83E48-5D21-4EEC-A345-5C5887869DBE}" "1029" "0"
Diablo III-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\Diablo III\Uninstall.exe
DMC Devi May Cry (c) Capcom version 1-->"C:\Program Files (x86)\DMC Devi May Cry\unins000.exe"
Dotfuscator Software Services - Community Edition-->MsiExec.exe /X{1AA5BD63-6614-44B2-88A7-605191EDB835}
EaseUS Partition Master 9.1.1 Home Edition-->"C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.1.1 Home Edition\unins000.exe"
Easy Tune 6 B12.0402.1-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{457D7505-D665-4F95-91C3-ECB8C56E9ACA}
EasyBCD 2.2-->C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\uninstall.exe
Ext2Fsd 0.51-->"C:\Program Files\Ext2Fsd\unins000.exe"
Foxit PDF Editor-->C:\Program Files (x86)\Foxit Software\PDF Editor\uninstall.exe
Free Video Flip and Rotate version 2.1.5.1130-->C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
Free Video Joiner-->"C:\Program Files (x86)\Free Video Joiner\unins000.exe"
Futuremark SystemInfo-->"C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0409 -removeonly
Geeks3D.com FurMark 1.10.3-->"C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.10.3\unins000.exe"
Gmail Backup-->"C:\Program Files (x86)\GmailBackup\uninstall.exe"
Google Drive-->MsiExec.exe /X{989FB5FD-9B00-4B32-8663-849CB1370DD1}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2736182)-->c:\Windows\SysWOW64\msiexec.exe /package {1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B} /uninstall {DE235F32-78F6-3C50-BE86-A73D6E0FFA7F} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2813041)-->c:\Windows\SysWOW64\msiexec.exe /package {1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B} /uninstall {CA530031-671E-3CFD-87E5-9C281069553A} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual C# 2010 Express - ENU (KB2635973)-->C:\Windows\SysWOW64\msiexec.exe /package {59F24743-2EA1-3A45-B8C2-6E0E1E078FA8} /uninstall {A003ADF2-C209-378D-959B-4D93E75FD7A5} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927)-->c:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {90A659B3-6BB5-3E0D-ACE4-D72FF8D54783} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)-->C:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {3EE9D984-E7A6-30B9-8FF5-A1FE2242440A} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139)-->c:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {40BA5965-82C8-3220-BAFA-B247A761053C} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864)-->c:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {FB360275-493B-3BFB-B6EC-79FDB4EB05E2} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973)-->C:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {A003ADF2-C209-378D-959B-4D93E75FD7A5} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2736182)-->c:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {DE235F32-78F6-3C50-BE86-A73D6E0FFA7F} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2813041)-->c:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {CA530031-671E-3CFD-87E5-9C281069553A} /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)-->C:\Windows\SysWOW64\msiexec.exe /package {2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)-->C:\Windows\SysWOW64\msiexec.exe /package {81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)-->C:\Windows\SysWOW64\msiexec.exe /package {2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)-->C:\Windows\SysWOW64\msiexec.exe /package {81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)-->C:\Windows\SysWOW64\msiexec.exe /package {2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)-->C:\Windows\SysWOW64\msiexec.exe /package {81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)-->C:\Windows\SysWOW64\msiexec.exe /package {2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)-->C:\Windows\SysWOW64\msiexec.exe /package {81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)-->C:\Windows\SysWOW64\msiexec.exe /package {2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)-->C:\Windows\SysWOW64\msiexec.exe /package {81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)-->C:\Windows\SysWOW64\msiexec.exe /package {2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)-->C:\Windows\SysWOW64\msiexec.exe /package {81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)-->C:\Windows\SysWOW64\msiexec.exe /package {2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)-->C:\Windows\SysWOW64\msiexec.exe /package {81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)-->C:\Windows\SysWOW64\msiexec.exe /package {2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)-->C:\Windows\SysWOW64\msiexec.exe /package {81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)-->C:\Windows\SysWOW64\msiexec.exe /package {2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)-->C:\Windows\SysWOW64\msiexec.exe /package {81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)-->C:\Windows\SysWOW64\msiexec.exe /package {2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)-->C:\Windows\SysWOW64\msiexec.exe /package {81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB} /uninstall /qb+ REBOOTPROMPT=""
HTC Driver Installer-->MsiExec.exe /X{4CEEE5D0-F905-4688-B9F9-ECC710507796}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Intel(R) USB 3.0 eXtensible Host Controller Driver-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Java 7 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF}
Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
JDownloader 0.9-->C:\Program Files (x86)\JDownloader\JDUninstall.exe
League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly
Malwarebytes Anti-Malware verze 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->C:\Program Files (x86)\Marvell\Miniport Driver\Uninst.exe
MediaCoder x64 0.8.16-->C:\Program Files\MediaCoder\uninst.exe
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended CSY Language Pack-->MsiExec.exe /X{A324DC11-FF02-3CE8-9D6F-67EBC006D970}
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft .NET Framework 4 Multi-Targeting Pack-->MsiExec.exe /I{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools-->MsiExec.exe /X{40416836-56CC-4C0E-A6AF-5C34BADCE483}
Microsoft ASP.NET MVC 2-->MsiExec.exe /X{1803A630-3C38-4D2B-9B9A-0CB37243539C}
Microsoft Help Viewer 1.1-->C:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.1\install.exe
Microsoft Help Viewer 1.1-->MsiExec.exe /X{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-1000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-1000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-1000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-0043-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-1000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-1000-0000000FF1CE}
Microsoft Silverlight 3 SDK-->MsiExec.exe /X{2012098D-EEE9-4769-8DD3-B038050854D4}
Microsoft Silverlight 4 SDK-->MsiExec.exe /X{05855322-BE43-41FE-B583-D3AE0C326D58}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2008 (64-bit)-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x64\SetupARP.exe"
Microsoft SQL Server 2008 (64-bit)-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x64\SetupARP.exe"
Microsoft SQL Server 2008 Browser-->MsiExec.exe /X{C688457E-03FD-4941-923B-A27F4D42A7DD}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{5340A3B5-3853-4745-BED2-DD9FF5371331}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{FA7394B8-CE65-4F9E-AC99-F372AD365424}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{FBD367D1-642F-47CF-B79B-9BE48FB34007}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{DF167CE3-60E7-44EA-99EC-2507C51F37AE}
Microsoft SQL Server 2008 Native Client-->MsiExec.exe /I{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}
Microsoft SQL Server 2008 R2 Data-Tier Application Framework-->MsiExec.exe /I{BC537AE0-88AF-47ED-B762-33B0D62B5188}
Microsoft SQL Server 2008 R2 Data-Tier Application Project-->MsiExec.exe /I{7A56D81D-6406-40E7-9184-8AC1769C4D69}
Microsoft SQL Server 2008 R2 Management Objects (x64)-->MsiExec.exe /I{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}
Microsoft SQL Server 2008 R2 Management Objects-->MsiExec.exe /I{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}
Microsoft SQL Server 2008 R2 Transact-SQL Language Service-->MsiExec.exe /I{09C52940-A4D1-4409-A7CC-1AAE630CF578}
Microsoft SQL Server 2008 RsFx Driver-->MsiExec.exe /I{ADBD6E65-46CB-4A97-9AFB-64963FEACC40}
Microsoft SQL Server 2008 Setup Support Files -->MsiExec.exe /X{6292D514-17A4-403F-98F9-E150F10C043D}
Microsoft SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497}
Microsoft SQL Server Compact 3.5 SP2 x64 ENU-->MsiExec.exe /I{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}
Microsoft SQL Server Database Publishing Wizard 1.4-->MsiExec.exe /I{ACE28263-76A4-4BF5-B6F4-8BD719595969}
Microsoft SQL Server System CLR Types (x64)-->MsiExec.exe /I{1E6ED082-E32D-4B2B-8B6A-70B094815135}
Microsoft SQL Server System CLR Types-->MsiExec.exe /I{877B76B2-F83F-4F5A-B28D-3F398641ADB6}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{0826F9E4-787E-481D-83E0-BC6A57B056D5}
Microsoft Sync Framework Runtime v1.0 SP1 (x64)-->MsiExec.exe /I{8438EC02-B8A9-462D-AC72-1B521349C001}
Microsoft Sync Framework SDK v1.0 SP1-->MsiExec.exe /I{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}
Microsoft Sync Framework Services v1.0 SP1 (x64)-->MsiExec.exe /I{034106B5-54B7-467F-B477-5B7DBB492624}
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)-->MsiExec.exe /I{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}
Microsoft Team Foundation Server 2010 Object Model - ENU-->MsiExec.exe /I{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}
Microsoft Team Foundation Server 2010 Object Model - ENU-->MsiExec.exe /X{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}
Microsoft Visual C# 2010 Express - ENU-->C:\Program Files (x86)\Microsoft Visual Studio 10.0\Microsoft Visual C# 2010 Express - ENU\setup.exe
Microsoft Visual C# 2010 Express - ENU-->MsiExec.exe /X{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319-->MsiExec.exe /X{F5079164-1DB9-3BDA-853B-F78AF67CE071}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219-->MsiExec.exe /X{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219-->MsiExec.exe /X{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727-->"C:\ProgramData\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727-->"C:\ProgramData\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727-->MsiExec.exe /X{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}
Microsoft Visual F# 2.0 Runtime-->MsiExec.exe /X{85467CBC-7A39-33C9-8940-D72D9269B84F}
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools-->MsiExec.exe /X{14DD7530-CCD2-3798-B37D-3839ED6A441C}
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU-->MsiExec.exe /X{BCA26999-EC22-3007-BB79-638913079C9A}
Microsoft Visual Studio 2010 Office Developer Tools (x64)-->MsiExec.exe /X{D57519D3-2E37-3E34-94AF-4D59BFAB87E6}
Microsoft Visual Studio 2010 Professional - ENU-->C:\Program Files (x86)\Microsoft Visual Studio 10.0\Microsoft Visual Studio 2010 Professional - ENU\setup.exe
Microsoft Visual Studio 2010 Service Pack 1-->C:\ProgramData\VS\vs10sp1\SetupCache\Setup.exe
Microsoft Visual Studio 2010 Service Pack 1-->MsiExec.exe /X{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}
Microsoft Visual Studio 2010 Service Pack 1-->MsiExec.exe /X{ED780CA9-0687-3C12-B439-3369F224941F}
Microsoft Visual Studio 2010 SharePoint Developer Tools-->MsiExec.exe /X{0BE273CD-AAB9-361B-8C32-D955EAC929E3}
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)\install.exe
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->MsiExec.exe /X{B143BE44-8723-315E-9413-011C55873C0E}
Microsoft Visual Studio Macro Tools-->msiexec.exe /uninstall {6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}
Microsoft Visual Studio Macro Tools-->MsiExec.exe /X{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}
Microsoft_VC100_CRT_SP1_x64-->MsiExec.exe /I{680EDA59-9266-44B4-949E-0C24F65DFF82}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Mozilla Firefox 13.0 (x86 en-US)-->kernel32::GetLongPathNameW(w R8, w .R7, i 1024)i .R6\uninstall\helper.exe
Mozilla Firefox 22.0 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird 17.0.7 (x86 cs)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSI Afterburner 3.0.0 Beta 10-->"C:\Program Files (x86)\MSI Afterburner\uninstall.exe"
MSI Kombustor 2.4.2-->"C:\Program Files (x86)\MSI Kombustor\unins000.exe"
MSVC80_x64_v2-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E}
MSVC90_x64-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}
MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}
MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
NetBeans IDE 7.2-->"C:\Program Files (x86)\NetBeans 7.2\uninstall.exe"
ON_OFF Charge B12.1025.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3DECD372-76A1-4483-BF10-B547790A3261}\setup.exe" -l0x9 -removeonly
Opera 12.16-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
PCMark 7-->"C:\Program Files (x86)\InstallShield Installation Information\{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}\setup.exe" -runfromtemp -l0x0409 -removeonly
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Polipo 1.0.4.1-->"C:\Program Files (x86)\Vidalia Bundle\Uninstall.exe"
Razer Boomslang-->C:\Program Files (x86)\InstallShield Installation Information\{AA85BDCE-8381-4A89-A0BB-0AD989CC1018}\setup.exe -runfromtemp -l0x0009 -removeonly
Razer Lycosa-->C:\Program Files (x86)\InstallShield Installation Information\{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}\Setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Revo Uninstaller Pro 2.5.8-->"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"
Seagate DiscWizard-->MsiExec.exe /X{8FB2A014-A0B0-42D8-8E18-9AFC6A6E2814}
SeaTools for Windows-->MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872}
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980)-->C:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {6C94CAE9-95B3-3A0D-B7E8-BCA0E6A5ACB0} /qb+ REBOOTPROMPT=""
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410)-->C:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {3A02AD1D-6903-3E0E-8EA9-A9121A0B06ED} /qb+ REBOOTPROMPT=""
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)-->C:\Windows\SysWOW64\msiexec.exe /package {6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3} /uninstall {CA6C4E8E-CE86-4C78-B4BC-1E083E8E613A} /qb+ REBOOTPROMPT=""
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{235F521F-C627-4957-A641-C4C161F78531}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{EE3A99C9-FD8F-4923-9F82-27365DA4B873}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-1000-0000000FF1CE}" "{2E7C03CB-FE0A-4B95-BA37-742CD596760C}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-1000-0000000FF1CE}" "{FF4FCFC2-4935-49E4-B35E-5FCF7343412B}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{F3FAAB68-7697-4B1F-A23A-72312565AEAB}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0405-1000-0000000FF1CE}" "{62E2481E-63BB-4481-A0CE-071D6D663B1B}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{BFFA0FE1-0823-4382-9DD3-49DA02375BBA}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{A3364707-2F53-4C83-8F68-C9877A9080C7}" "1029" "0"
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB2546951\ServicePack\setup.exe" /Action=RemovePatch /AllInstances
SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe"
SpywareBlaster 5.0-->"C:\Program Files (x86)\SpywareBlaster\unins000.exe"
Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}
Star Wars: The Old Republic-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Star Wars - The Old Republic.exe
StarCraft II-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe
TechPowerUp GPU-Z-->"C:\Program Files (x86)\GPU-Z\uninstall.exe"
Tombraider-->"C:\Program Files (x86)\SQUARE ENIX\Tombraider\unins000.exe"
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Total Commander 64-bit (Remove or Repair)-->C:\Program Files\Total Commander\tcunin64.exe
Update for Microsoft Office 2010 (KB2553092)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0405-1000-0000000FF1CE}" "{E636FE63-842B-4F4B-9884-DA189ACC0B91}" "1029" "0"
Update for Microsoft Office 2010 (KB2553092)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{E636FE63-842B-4F4B-9884-DA189ACC0B91}" "1029" "0"
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{B6AD7E27-012A-4B63-82BA-AF62893E5435}" "1029" "0"
Visual CSharp Step By Step-->MsiExec.exe /X{75A61756-C727-40E3-A11F-F0D8ACBCC33D}
Visual Studio 2010 Prerequisites - English-->MsiExec.exe /X{662014D2-0450-37ED-ABAE-157C88127BEB}
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /X{112C23F2-C036-4D40-BED4-0CB47BF5555C}
VLC media player 2.0.6-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WCF RIA Services V1.0 SP1-->MsiExec.exe /X{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}
Web Deployment Tool-->MsiExec.exe /I{0F37D969-1260-419E-B308-EF7D29ABDE20}
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows 7 Manager-->MsiExec.exe /I{D641F4CB-0CA6-4C32-927F-164D6612680D}
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
WinRAR 4.20 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft (2)\Uninstall.exe
Xvid Video Codec-->C:\Program Files (x86)\Xvid\uninstall.exe

======Hosts File======

127.0.0.1 localhost

======System event log======

Computer Name: Shaim-PC
Event Code: 7036
Message: Stav služby Služba Zasílání zpráv o chybách systému Windows byl změněn na: Spuštěno
Record Number: 721596
Source Name: Service Control Manager
Time Written: 20130728050420.210659-000
Event Type: Informace
User:

Computer Name: Shaim-PC
Event Code: 7036
Message: Stav služby Služba Zasílání zpráv o chybách systému Windows byl změněn na: Zastaveno
Record Number: 721595
Source Name: Service Control Manager
Time Written: 20130728050352.658083-000
Event Type: Informace
User:

Computer Name: Shaim-PC
Event Code: 7045
Message: Do systému byla nainstalována služba.

Název služby: truecrypt
Název souboru služby: C:\Program Files (x86)\TrueCrypt\truecrypt-x64.sys
Typ služby: ovladač v režimu jádra
Typ spouštění služby: spouštění na vyžádání
Účet služby:
Record Number: 721594
Source Name: Service Control Manager
Time Written: 20130728050142.162620-000
Event Type: Informace
User: Shaim-PC\Shaim

Computer Name: Shaim-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Windows PowerShell.
Record Number: 721593
Source Name: Microsoft-Windows-Eventlog
Time Written: 20130728050045.050353-000
Event Type: Informace
User: Shaim-PC\Shaim

Computer Name: Shaim-PC
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 721592
Source Name: Microsoft-Windows-Eventlog
Time Written: 20130728050044.900344-000
Event Type: Informace
User: Shaim-PC\Shaim

=====Application event log=====

Computer Name: Shaim-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 232854
Source Name: Microsoft-Windows-Winlogon
Time Written: 20130728052658.000000-000
Event Type: Informace
User:

Computer Name: Shaim-PC
Event Code: 9009
Message: Správce oken plochy byl ukončen s kódem (0x40010004).
Record Number: 232853
Source Name: Desktop Window Manager
Time Written: 20130728052658.000000-000
Event Type: Informace
User:

Computer Name: Shaim-PC
Event Code: 1001
Message: Chybný blok 90463937, typ 4
Název události: APPCRASH
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: JunkFileCleaner.exe
P2: 3.9.0.0
P3: 50b79ef5
P4: KERNELBASE.dll
P5: 6.1.7601.18015
P6: 50b8479b
P7: e0434f4d
P8: 0000000000009e5d
P9:
P10:

Připojené soubory:
C:\Users\Shaim\AppData\Local\Temp\WERE2A1.tmp.WERInternalMetadata.xml

Tyto soubory mohou být k dispozici zde:
C:\Users\Shaim\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_JunkFileCleaner._8da7a46c77731e9d8bdf8d69f87e7d376fd32aad_0ebd6c1b

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 291dfd8e-f743-11e2-9b7c-902b343561f2
Stav hlášení: 0
Record Number: 232852
Source Name: Windows Error Reporting
Time Written: 20130728051129.000000-000
Event Type: Informace
User:

Computer Name: Shaim-PC
Event Code: 1903
Message:
Record Number: 232851
Source Name: HHCTRL
Time Written: 20130728051054.000000-000
Event Type: Informace
User:

Computer Name: Shaim-PC
Event Code: 1000
Message: Název chybující aplikace: JunkFileCleaner.exe, verze: 3.9.0.0, časové razítko: 0x50b79ef5
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18015, časové razítko: 0x50b8479b
Kód výjimky: 0xe0434f4d
Posun chyby: 0x0000000000009e5d
ID chybujícího procesu: 0x5c0
Čas spuštění chybující aplikace: 0x01ce8b4f6b744c73
Cesta k chybující aplikaci: C:\Program Files\Yamicsoft\Windows 7 Manager\JunkFileCleaner.exe
Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID zprávy: 291dfd8e-f743-11e2-9b7c-902b343561f2
Record Number: 232850
Source Name: Application Error
Time Written: 20130728050420.000000-000
Event Type: Chyba
User:

=====Security event log=====

Computer Name: Shaim-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 78833
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130728050513.815725-000
Event Type: Úspěšný audit
User:

Computer Name: Shaim-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SHAIM-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x3d8
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 78832
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130728050513.815725-000
Event Type: Úspěšný audit
User:

Computer Name: Shaim-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 78831
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130728050420.204659-000
Event Type: Úspěšný audit
User:

Computer Name: Shaim-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SHAIM-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x3d8
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 78830
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130728050420.204659-000
Event Type: Úspěšný audit
User:

Computer Name: Shaim-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-1270796135-2931976614-705505444-1001
Název účtu: Shaim
Název domény: Shaim-PC
ID přihlášení: 0x27c6ea
Record Number: 78829
Source Name: Microsoft-Windows-Eventlog
Time Written: 20130728050043.873286-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\Wbem;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files\Microsoft SQL Server\100\Tools\Binn;C:\Program Files\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Common Files\Acronis\SnapAPI;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;%systemroot%\System32\WindowsPowerShell\v1.0;%systemroot%\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseHg\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"VS100COMNTOOLS"=C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\Tools\
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\

-----------------EOF-----------------

#4 Příspěvek od **vyosek** » 28 črc 2013 12:39

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

ŠtěpánkaP · #5 Příspěvek od **ŠtěpánkaP** » 28 črc 2013 13:49

První log byl moc velký, je zde:
http://pastebin.com/n6nYGaQU

Druhý log zde:
OTL Extras logfile created on: 28.7.2013 13:58:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shaim\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,96 Gb Total Physical Memory | 3,41 Gb Available Physical Memory | 42,86% Memory free
15,92 Gb Paging File | 10,74 Gb Available in Paging File | 67,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 500,00 Gb Total Space | 124,15 Gb Free Space | 24,83% Space Free | Partition Type: NTFS
Drive Z: | 1300,00 Gb Total Space | 10,57 Gb Free Space | 0,81% Space Free | Partition Type: NTFS

Computer Name: SHAIM-PC | User Name: Shaim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1270796135-2931976614-705505444-1001\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- C:\Windows\NOTEPAD.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A7F495D-859B-4263-9C8B-CD24FDE4A783}" = lport=139 | protocol=6 | dir=in | app=system |
"{30DF93F6-9FEB-45A2-99A4-727CF53FD452}" = lport=57956 | protocol=17 | dir=in | name=pando media booster |
"{63098AB8-C9E5-44E0-9F07-134F8BC14ACA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{718D5508-C90E-467B-8AAB-02DC13DC3083}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{775B3581-F4D3-4860-828D-B9302D0859B2}" = lport=445 | protocol=6 | dir=in | app=system |
"{7F4D88CA-5522-4151-9655-140E14C89ED2}" = lport=57956 | protocol=6 | dir=in | name=pando media booster |
"{A999B445-B8A9-4F51-B8C5-7D9B6A5259E6}" = rport=445 | protocol=6 | dir=out | app=system |
"{B21B295D-CA62-445C-8E7F-80518B7DB601}" = rport=137 | protocol=17 | dir=out | app=system |
"{BE29BD8F-7C9E-4ED6-BDFC-123DB6C8D45E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BE6B8C9C-18CB-435D-85FC-9335D9F101B2}" = rport=139 | protocol=6 | dir=out | app=system |
"{C3F0679F-C6F4-4DFD-AB7B-60E1416F30A3}" = lport=57956 | protocol=17 | dir=in | name=pando media booster |
"{CAAB3CF4-DA06-4081-B1B4-E8BFE3E95F7A}" = lport=137 | protocol=17 | dir=in | app=system |
"{DBDC26C2-9596-4D21-89F6-74496B0C3C00}" = lport=57956 | protocol=6 | dir=in | name=pando media booster |
"{E501337B-05EC-44D8-A4F5-3A73EDB92A17}" = lport=138 | protocol=17 | dir=in | app=system |
"{F3883E40-ABA3-4893-91D2-DF05B21BA3D5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F791C4FD-108D-4E13-92F5-A65612E66C9A}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00BAAED9-F7A1-4B64-A21C-57D4126BE9E2}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{03C19523-BE6A-4B80-80E1-BD34AA324204}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0D88A39C-47E1-463F-B3A4-89D382C44FF5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{120200EC-38D4-4D19-ADDF-B09573F9B9A0}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{16478109-0A8F-41D7-8BA0-9A68D7254E6B}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe |
"{61A9E3E7-2C94-4083-B915-26E461438668}" = protocol=6 | dir=in | app=c:\program files\crysis 3\bin32\crysis3.exe |
"{76792A21-77E4-44B3-A648-12948F1A9DA6}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe |
"{8A08A480-8A85-456E-8003-85192E9BF114}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8FB87D4E-096E-44EA-9986-DE9755FBBB73}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe |
"{91716E61-D9BA-40EA-A95F-D673ABA6F0B0}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{92B84C2D-F934-4E1E-834F-2C195749985A}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{9ECFCF27-D1E6-43DA-9284-FFC05728B7D2}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A2921E04-6975-4C2D-845A-3EAF16803B08}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A7EC9335-5F0E-4F30-89FC-2C2A56A236C5}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D0F4E8CD-20EC-4981-8FFD-85E87A6E7FE2}" = protocol=17 | dir=in | app=c:\program files\crysis 3\bin32\crysis3.exe |
"{D1ACC93D-7ADD-4871-80B3-4A943D0A556B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D3656B98-BDC7-457D-A94B-94CBA81D0E0C}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{E06A2B7B-CAD1-4B0F-82FD-F66ECD14C413}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe |
"{E78678C0-D9B2-4C0B-8CFD-7961210CCB8C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EFBEE9D0-AAE8-47F3-867E-CAD02677CFDE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F5966CD6-7CD2-4D4D-86F9-4C68F5ABD556}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"TCP Query User{4523C22B-0B86-4E90-BE2D-61F1E587103D}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{4C658668-C364-4056-9D36-EC15D46A1A76}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{5749EAE0-9440-43D2-AC68-E9093F025DCE}C:\program files\total commander\totalcmd64.exe" = protocol=6 | dir=in | app=c:\program files\total commander\totalcmd64.exe |
"TCP Query User{8132AD5F-6006-4F97-A940-5D2E0E9762D7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{864B7448-FF72-453D-B1F1-84EBC08BE79F}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe |
"TCP Query User{AE1136B7-9A3C-4629-8513-95BEEF0441EE}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"TCP Query User{B0C355A0-C9DD-44BF-9546-03D167ACD4BE}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{C1720D0F-FF4A-438C-9C93-62C3A57ED481}C:\program files (x86)\qip infium\infium.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip infium\infium.exe |
"UDP Query User{08359A3A-E080-4055-AC45-0409F9BD1E4B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{29CD965E-FFBD-47C3-A420-FA09F04B3329}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe |
"UDP Query User{3A1A0CA4-3F59-4989-A444-31A139CF681B}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{62164F75-9D0E-44C2-9C2D-A15F6C7A187A}C:\program files (x86)\qip infium\infium.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip infium\infium.exe |
"UDP Query User{66A16F23-7F21-4695-A75F-1EA2D3E5CEC8}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{8F0CF517-B40D-4F25-868B-4FB2EB15A49A}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{8F3B4669-2D43-4E59-B7E5-AED882E198D9}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"UDP Query User{95C1F9CA-428E-414F-8FC0-F1DE5A218521}C:\program files\total commander\totalcmd64.exe" = protocol=17 | dir=in | app=c:\program files\total commander\totalcmd64.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.7
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E6ED082-E32D-4B2B-8B6A-70B094815135}" = Microsoft SQL Server System CLR Types (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}" = Microsoft SQL Server 2008 Native Client
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{4371D69B-FB6A-4A61-8477-C1B919FB2311}" = TortoiseSVN 1.7.7.22907 (64 bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{55B348BE-A3BE-9AE7-58BD-BE45B9A28F82}" = AMD Media Foundation Decoders
"{5B73E1AA-CA9D-E76A-2F2D-E0EFB41CE087}" = AMD Accelerated Video Transcoding
"{6292D514-17A4-403F-98F9-E150F10C043D}" = Microsoft SQL Server 2008 Setup Support Files
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.8
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x64
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{983073CD-FAAF-4907-AA07-037DBA73B8EE}" = ESET Smart Security
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ADBD6E65-46CB-4A97-9AFB-64963FEACC40}" = Microsoft SQL Server 2008 RsFx Driver
"{B01875AA-1BD4-5B9F-D2B9-23D909F4280B}" = AMD Drag and Drop Transcoding
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C120107D-96E5-4BDA-B435-24AA72A77443}" = TortoiseHg 2.8.0 (x64)
"{C8807716-1F6F-5C43-3C32-7295A45CF060}" = AMD Catalyst Install Manager
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D57519D3-2E37-3E34-94AF-4D59BFAB87E6}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{D641F4CB-0CA6-4C32-927F-164D6612680D}" = Windows 7 Manager
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{E54A949B-C4AE-28B6-EC97-FCB9E402D338}" = ccc-utility64
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"AutoHotkey" = AutoHotkey 1.1.09.04
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 8.2.0.1406
"CCleaner" = CCleaner
"Ext2Fsd_is1" = Ext2Fsd 0.51
"MediaCoder x64" = MediaCoder x64 0.8.16
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1" = AOMEI Partition Assistant Home Edition 5.1
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05855322-BE43-41FE-B583-D3AE0C326D58}" = Microsoft Silverlight 4 SDK
"{079A4EB2-9A74-7B86-12C2-00B52E395801}" = CCC Help Danish
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09C52940-A4D1-4409-A7CC-1AAE630CF578}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.4.2
"{0BE273CD-AAB9-361B-8C32-D955EAC929E3}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{112DDD07-E419-2498-1E9E-2157F82AF5AA}" = CCC Help Turkish
"{11F2C5EC-35AA-7237-B62B-A4F041859C2A}" = CCC Help Spanish
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1" = Free Video Joiner
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1AA5BD63-6614-44B2-88A7-605191EDB835}" = Dotfuscator Software Services - Community Edition
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{229EDE35-4677-BDE6-70ED-A5A4C711DDC3}" = CCC Help Norwegian
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.10.3
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2470F2F2-8491-5A0B-B8F5-8B72A8D74597}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{27B56E28-94B2-BDF8-D209-EC8D2FF4838E}" = Catalyst Control Center Graphics Previews Common
"{2993B157-97AE-7981-F29A-E6575F991CDB}" = CCC Help Swedish
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{33D4FA83-02C0-93B3-08ED-5D7378930CFA}" = CCC Help Turkish
"{347966F8-E71A-E1A5-95E4-3A1C215383F6}" = CCC Help Chinese Traditional
"{37D0F3C2-8FFD-134D-FBDF-2D711E169D78}" = Catalyst Control Center
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3B3D81AB-51E2-695F-7E57-1CC30049F2A3}" = CCC Help French
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B12.1025.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{4198AE83-A3C6-4C41-85C8-EC63E990696E}" = Crysis®3
"{42FECCEF-63CD-DF98-D6BC-DDBB27E4A580}" = CCC Help Japanese
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0402.1
"{462C2036-3055-4369-D30B-8DA032331EAB}" = CCC Help Greek
"{46594DA4-2D0A-B2D4-C0E0-A5CCA3260025}" = CCC Help Hungarian
"{485B8152-C59F-8569-15BC-46BDA2A1E4A9}" = CCC Help Polish
"{490F47E6-585C-531A-1BF8-4DE44ED9AED7}" = CCC Help Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{50F87176-7DB3-4C75-D9DC-25CB4561D0F8}" = CCC Help Danish
"{51054867-140B-8FBF-73A8-75386276BD98}" = CCC Help Spanish
"{52E706AA-B4E9-423A-1651-62E61E06DF9A}" = CCC Help Greek
"{586A5957-F21B-C8AD-F5C2-11D4D7DA5340}" = CCC Help German
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5FB51C12-62AE-0990-E419-C6F62B776E5C}" = CCC Help Portuguese
"{63326924-3CAF-C858-3A8F-8598C87019D7}" = Catalyst Control Center
"{633414E3-AA2A-CD04-5976-E91F5F871396}" = CCC Help Japanese
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66B46617-A156-F25B-3CC0-5E46343AEA95}" = CCC Help Thai
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75A61756-C727-40E3-A11F-F0D8ACBCC33D}" = Visual CSharp Step By Step
"{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}" = PCMark 7
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{7A56D81D-6406-40E7-9184-8AC1769C4D69}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{812FF572-F216-EBA0-123E-636C1B6EBC5B}" = CCC Help Korean
"{81543139-18AE-703B-D3B1-F6B3A0CB2EAC}" = CCC Help English
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85467CBC-7A39-33C9-8940-D72D9269B84F}" = Microsoft Visual F# 2.0 Runtime
"{85BB7CA7-6B0D-0B27-F4FF-B3D04282B3D1}" = CCC Help Russian
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{883CCFC7-CA6B-5531-704B-F9A64546B309}" = CCC Help Thai
"{8BDD3EC9-27E9-E490-7607-AF97FA678046}" = CCC Help Italian
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FA20FAC-719F-7CCD-5790-6B59D691C370}" = CCC Help Chinese Traditional
"{8FB2A014-A0B0-42D8-8E18-9AFC6A6E2814}" = Seagate DiscWizard
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{940B28E7-320B-5AC8-0A8A-32D6A7B404A1}" = CCC Help Swedish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{989FB5FD-9B00-4B32-8663-849CB1370DD1}" = Google Drive
"{99C382AB-CA1D-8577-66D3-AA850DB5FD00}" = CCC Help Korean
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DA5221E-15DE-5B0F-D7BE-CCC7305575DD}" = CCC Help Dutch
"{A1400F57-65CC-0C22-6461-948EA2837670}" = CCC Help Hungarian
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A561BB5F-5A85-5D88-E520-0A4512D5E6C0}" = CCC Help Norwegian
"{A68C4D16-8046-5333-CB64-5E622C795785}" = CCC Help Dutch
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8B72907-B3F5-4C18-2D2B-F5E786A520DF}" = CCC Help Polish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA85BDCE-8381-4A89-A0BB-0AD989CC1018}" = Razer Boomslang
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-FFFF-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) MUI
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD219F94-16F2-937F-076A-F22DAA8D0A0B}" = CCC Help Finnish
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{BC537AE0-88AF-47ED-B762-33B0D62B5188}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{BE0B654E-FC60-40AE-F60B-06526508B5FD}" = CCC Help Italian
"{BE0E1491-B2DC-6447-217C-342D8F7100EA}" = CCC Help Czech
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C5EADF55-3B49-B545-E16F-402B443DDC77}" = CCC Help German
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CBDFF724-E925-2964-E647-0A83D2F9165C}" = CCC Help French
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D5341564-7B93-ADAC-E737-C24AA85CC5FF}" = CCC Help Chinese Standard
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}" = WCF RIA Services V1.0 SP1
"{DD8ACFF8-098E-130C-2799-BCA4D41EBAB2}" = CCC Help Chinese Standard
"{DE123FE9-B7F6-A75A-920D-3937FB9F06E4}" = CCC Help Portuguese
"{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}" = Razer Lycosa
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3FB1E5A-1C24-D581-6BC8-6F8AC2D343AD}" = CCC Help Finnish
"{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All
"{ED780CA9-0687-3C12-B439-3369F224941F}" = Microsoft Visual Studio 2010 Service Pack 1
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0E79BE5-20F5-82F4-6579-2A91AED3F066}" = Catalyst Control Center Localization All
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"5513-1208-7298-9440" = JDownloader 0.9
"Actual Search & Replace_is1" = Actual Search & Replace Version 2.8.7
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 3.0.0 Beta 10
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.80
"Any Video Converter Ultimate_is1" = Any Video Converter Ultimate 4.5.7
"Audacity_is1" = Audacity 2.0
"Diablo III" = Diablo III
"DMC Devi May Cry (c) Capcom_is1" = DMC Devi May Cry (c) Capcom version 1
"EaseUS Partition Master Home Edition_is1" = EaseUS Partition Master 9.1.1 Home Edition
"EasyBCD" = EasyBCD 2.2
"Foxit PDF Editor" = Foxit PDF Editor
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 2.1.5.1130
"gmailbackup" = Gmail Backup
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0402.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox 13.0 (x86 en-US)" = Mozilla Firefox 13.0 (x86 en-US)
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"Mozilla Thunderbird 17.0.7 (x86 cs)" = Mozilla Thunderbird 17.0.7 (x86 cs)
"nbi-nb-base-7.2.0.0.201207171143" = NetBeans IDE 7.2
"Opera 12.16.1860" = Opera 12.16
"Polipo" = Polipo 1.0.4.1
"SpeedFan" = SpeedFan (remove only)
"SpywareBlaster_is1" = SpywareBlaster 5.0
"StarCraft II" = StarCraft II
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"Tombraider_is1" = Tombraider
"Tor" = Tor 0.2.2.39
"uTorrent" = µTorrent
"Vidalia" = Vidalia 0.2.20
"VirtuaWin_is1" = VirtuaWin v4.3
"VLC media player" = VLC media player 2.0.6
"Winamp" = Winamp
"World of Warcraft" = World of Warcraft
"Xvid Video Codec 1.3.2" = Xvid Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1270796135-2931976614-705505444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"AoaoVideotoPicture" = Aoao Video to Picture Converter
"Google Chrome" = Google Chrome
"QIP Infium" = QIP Infium 3.0.9045 Nightly

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28.7.2013 1:30:54 | Computer Name = Shaim-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.

Error - 28.7.2013 1:31:08 | Computer Name = Shaim-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 28.7.2013 1:31:08 | Computer Name = Shaim-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 28.7.2013 1:31:08 | Computer Name = Shaim-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 28.7.2013 1:31:08 | Computer Name = Shaim-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 28.7.2013 1:31:08 | Computer Name = Shaim-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 28.7.2013 1:31:08 | Computer Name = Shaim-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 28.7.2013 1:31:29 | Computer Name = Shaim-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 11.6.0.1030,
časové razítko: 0x5042b0f0 Název chybujícího modulu: ISDI2.dll, verze: 11.6.0.1030,
časové razítko: 0x5042b0b6 Kód výjimky: 0xc0000417 Posun chyby: 0x0004d11f ID chybujícího
procesu: 0x844 Čas spuštění chybující aplikace: 0x01ce8b53b320aa42 Cesta k chybující
aplikaci: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
ID
zprávy: f3d7971c-f746-11e2-a960-902b343561f2

Error - 28.7.2013 8:01:26 | Computer Name = Shaim-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary ALSysIO. System
Error: Systém nemůže nalézt uvedený soubor. .

Error - 28.7.2013 8:01:26 | Computer Name = Shaim-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary WinRing0_1_2_0.

System
Error: Systém nemůže nalézt uvedený soubor. .

[ System Events ]
Error - 28.7.2013 1:29:13 | Computer Name = Shaim-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 28.7.2013 1:31:08 | Computer Name = Shaim-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 28.7.2013 1:31:08 | Computer Name = Shaim-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 28.7.2013 1:31:34 | Computer Name = Shaim-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 28.7.2013 1:31:34 | Computer Name = Shaim-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 28.7.2013 1:31:38 | Computer Name = Shaim-PC | Source = Service Control Manager | ID = 7034
Description = Služba Úložná technologie Intel® Rapid byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 28.7.2013 1:32:00 | Computer Name = Shaim-PC | Source = Service Control Manager | ID = 7000
Description = Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující
chyby: %%2

< End of report >

#6 Příspěvek od **vyosek** » 28 črc 2013 13:52

Proc ja ty navody pisu

vyosek píše: Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku[/list]

ŠtěpánkaP · #7 Příspěvek od **ŠtěpánkaP** » 28 črc 2013 14:13

vyosek píše: Proc ja ty navody pisu
vyosek píše: Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku[/list]

Pardon...

#8 Příspěvek od **vyosek** » 28 črc 2013 15:37

Tak mi jej sem nakopirujte...

ŠtěpánkaP · #9 Příspěvek od **ŠtěpánkaP** » 28 črc 2013 19:47

vyosek píše:Tak mi jej sem nakopirujte...

log část 1:
OTL logfile created on: 28.7.2013 13:58:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shaim\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,96 Gb Total Physical Memory | 3,41 Gb Available Physical Memory | 42,86% Memory free
15,92 Gb Paging File | 10,74 Gb Available in Paging File | 67,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 500,00 Gb Total Space | 124,15 Gb Free Space | 24,83% Space Free | Partition Type: NTFS
Drive Z: | 1300,00 Gb Total Space | 10,57 Gb Free Space | 0,81% Space Free | Partition Type: NTFS

Computer Name: SHAIM-PC | User Name: Shaim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.07.28 13:54:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shaim\Desktop\OTL.exe
PRC - [2013.07.28 08:08:29 | 000,779,560 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Users\Shaim\AppData\Local\Temp\mexetmp.ex~
PRC - [2013.07.27 16:58:28 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013.06.28 02:03:13 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.06.27 08:16:31 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2013.06.06 23:57:24 | 019,676,256 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013.05.29 22:17:34 | 004,690,768 | ---- | M] (Jan Fiala) -- C:\Program Files (x86)\PSPad\PSPad.exe
PRC - [2013.04.04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2013.02.10 09:27:13 | 000,636,928 | ---- | M] (Steppschuh) -- C:\Program Files (x86)\SleepTimer.exe
PRC - [2012.11.13 15:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012.09.11 23:11:50 | 003,184,654 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe
PRC - [2012.07.28 22:35:30 | 006,172,985 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2011.05.10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe
PRC - [2011.04.13 11:46:28 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Lycosa\razertra.exe
PRC - [2011.03.21 21:01:46 | 000,233,984 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Razer Lycosa\razerhid.exe
PRC - [2011.02.05 09:12:42 | 001,211,536 | ---- | M] (Ext2Fsd Group (www.ext2fsd.com)) -- C:\Program Files\Ext2Fsd\Ext2Mgr.exe
PRC - [2010.09.04 11:20:26 | 000,135,680 | ---- | M] (VirtuaWin) -- C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe
PRC - [2010.09.04 11:20:26 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\VirtuaWin\modules\WinList.exe
PRC - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009.11.23 14:57:46 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Razer\Boomslang\razerhid.exe
PRC - [2009.10.23 10:52:52 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Razer\Boomslang\razertra.exe
PRC - [2007.11.01 11:41:18 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Boomslang\razerofa.exe

========== Modules (No Company Name) ==========

MOD - [2013.07.28 07:30:58 | 000,557,056 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\pysqlite2._sqlite.pyd
MOD - [2013.07.28 07:30:58 | 000,320,512 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\win32com.shell.shell.pyd
MOD - [2013.07.28 07:30:58 | 000,128,512 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\_elementtree.pyd
MOD - [2013.07.28 07:30:58 | 000,098,816 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\win32api.pyd
MOD - [2013.07.28 07:30:58 | 000,044,032 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\_socket.pyd
MOD - [2013.07.28 07:30:58 | 000,026,624 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\_multiprocessing.pyd
MOD - [2013.07.28 07:30:58 | 000,022,528 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\win32ts.pyd
MOD - [2013.07.28 07:30:57 | 001,175,040 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\wx._core_.pyd
MOD - [2013.07.28 07:30:57 | 001,153,024 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\_ssl.pyd
MOD - [2013.07.28 07:30:57 | 001,022,416 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\windows._cacheinvalidation.pyd
MOD - [2013.07.28 07:30:57 | 000,805,888 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\wx._gdi_.pyd
MOD - [2013.07.28 07:30:57 | 000,735,232 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\wx._misc_.pyd
MOD - [2013.07.28 07:30:57 | 000,364,544 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\pythoncom27.dll
MOD - [2013.07.28 07:30:57 | 000,110,080 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\PyWinTypes27.dll
MOD - [2013.07.28 07:30:57 | 000,108,544 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\win32security.pyd
MOD - [2013.07.28 07:30:57 | 000,087,040 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\_ctypes.pyd
MOD - [2013.07.28 07:30:57 | 000,070,656 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\wx._html2.pyd
MOD - [2013.07.28 07:30:57 | 000,025,600 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\win32pdh.pyd
MOD - [2013.07.28 07:30:57 | 000,017,408 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\win32profile.pyd
MOD - [2013.07.28 07:30:57 | 000,011,264 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\win32crypt.pyd
MOD - [2013.07.28 07:30:56 | 001,062,400 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\wx._controls_.pyd
MOD - [2013.07.28 07:30:56 | 000,811,008 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\wx._windows_.pyd
MOD - [2013.07.28 07:30:56 | 000,711,680 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\_hashlib.pyd
MOD - [2013.07.28 07:30:56 | 000,686,080 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\unicodedata.pyd
MOD - [2013.07.28 07:30:56 | 000,127,488 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\pyexpat.pyd
MOD - [2013.07.28 07:30:56 | 000,122,368 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\wx._wizard.pyd
MOD - [2013.07.28 07:30:56 | 000,119,808 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\win32file.pyd
MOD - [2013.07.28 07:30:56 | 000,038,912 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\win32inet.pyd
MOD - [2013.07.28 07:30:56 | 000,035,840 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\win32process.pyd
MOD - [2013.07.28 07:30:56 | 000,018,432 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\win32event.pyd
MOD - [2013.07.28 07:30:55 | 000,010,240 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Temp\_MEI33562\select.pyd
MOD - [2013.07.28 06:39:09 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\46e5c98ee0b6840ffbc7875ec30e6b38\Microsoft.VisualBasic.ni.dll
MOD - [2013.07.27 18:09:47 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll
MOD - [2013.07.27 18:09:20 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013.07.27 18:09:16 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013.07.27 18:08:58 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013.07.27 18:08:57 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013.07.27 18:08:55 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013.07.27 18:07:44 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013.07.27 16:58:28 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013.06.28 02:03:13 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.06.27 08:16:32 | 002,244,504 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2013.06.27 08:16:31 | 000,158,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013.06.27 08:16:31 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2013.02.02 17:48:12 | 012,459,888 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll
MOD - [2012.10.10 12:06:15 | 000,460,312 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012.10.10 12:06:12 | 004,005,912 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012.10.10 12:04:57 | 000,578,072 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012.10.10 12:04:55 | 000,123,928 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012.10.10 12:04:44 | 000,156,712 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012.10.10 12:04:43 | 000,275,496 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012.10.10 12:04:42 | 002,168,360 | ---- | M] () -- C:\Users\Shaim\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2012.09.11 23:11:50 | 003,184,654 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe
MOD - [2012.07.28 22:35:30 | 006,172,985 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
MOD - [2012.05.15 12:54:16 | 000,070,536 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2012.04.29 15:12:54 | 000,353,792 | ---- | M] () -- \\?\C:\Users\Shaim\AppData\Local\Temp\trufos.dll
MOD - [2011.08.24 00:59:50 | 000,047,972 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\mingwm10.dll
MOD - [2011.05.10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe
MOD - [2011.05.10 18:02:20 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Polipo\libgnurx-0.dll
MOD - [2011.04.13 11:46:28 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Lycosa\razertra.exe
MOD - [2010.09.04 11:20:26 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\VirtuaWin\modules\WinList.exe
MOD - [2009.11.23 14:57:46 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Razer\Boomslang\razerhid.exe
MOD - [2009.10.23 10:52:52 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Razer\Boomslang\razertra.exe
MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009.06.23 04:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll
MOD - [2005.08.17 13:23:16 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Razer\Boomslang\download.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.03.29 03:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.03.21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.07.27 16:58:29 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.12.14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.09.01 19:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.11.21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.11.21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.11.21 05:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.03.29 03:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.02.14 13:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.02.14 13:21:06 | 000,058,416 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2013.02.14 13:21:04 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013.01.10 10:25:22 | 000,190,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2013.01.10 10:25:22 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2013.01.10 10:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012.12.14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.10.25 10:01:20 | 000,022,680 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2012.10.21 04:16:46 | 000,971,360 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012.10.21 04:16:32 | 000,210,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2012.10.21 04:16:30 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt53.sys -- (vidsflt53)
DRV:64bit: - [2012.10.21 04:16:27 | 000,275,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012.10.20 16:41:08 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012.10.20 16:41:06 | 001,340,040 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2012.10.20 16:41:04 | 001,093,256 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:64bit: - [2012.10.20 16:40:57 | 000,155,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2012.09.25 23:46:20 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2012.09.01 19:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.09.01 19:01:56 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012.08.29 19:46:14 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1)
DRV:64bit: - [2012.08.23 16:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.06 16:02:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.07.19 11:14:28 | 000,110,744 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012.06.27 16:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.06.12 15:40:30 | 000,568,640 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012.06.11 14:17:44 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012.06.11 14:17:44 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.06.11 14:17:44 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.05.21 09:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.05.21 09:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.05.21 09:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.03.27 16:48:00 | 000,398,112 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2012.03.06 00:04:00 | 000,057,728 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPKBx64.sys -- (HPKBx64)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.26 15:27:24 | 000,015,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ampa.sys -- (ampa)
DRV:64bit: - [2011.12.06 04:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.28 15:51:44 | 000,033,872 | ---- | M] (AnvSoft Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV:64bit: - [2011.09.22 21:01:54 | 000,311,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0105.sys -- (RsFx0105)
DRV:64bit: - [2011.07.29 13:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2011.07.29 13:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2011.07.09 01:32:08 | 000,769,816 | ---- | M] (www.ext2fsd.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ext2fsd.sys -- (Ext2Fsd)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.01 00:16:34 | 000,013,312 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VKbms.sys -- (VKbms)
DRV:64bit: - [2010.09.08 11:01:28 | 000,028,928 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Lycosa.sys -- (Lycosa)
DRV:64bit: - [2009.12.30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009.11.02 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.10.22 19:50:48 | 000,013,824 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\boomslang.sys -- (boomslangFltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.07.27 16:51:02 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013.01.02 03:00:03 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2012.11.17 18:53:03 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012.05.05 06:35:01 | 000,092,536 | ---- | M] (WinMount International Inc) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\WMDrive.sys -- (WMDrive)
DRV - [2012.04.30 00:39:42 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | Disabled | Running] -- C:\Program Files (x86)\TrueCrypt\truecrypt-x64.sys -- (truecrypt)
DRV - [2011.12.26 15:27:22 | 000,012,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ampa.sys -- (ampa)
DRV - [2011.07.29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011.07.29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT3072253

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT3072253
IE - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledAddons: memoryrestart%40teamextension.com:1.11
FF - prefs.js..extensions.enabledAddons: showpasswordoption%40funke.de:0.1.4
FF - prefs.js..extensions.enabledAddons: %7B2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0%7D:1.2.7.0
FF - prefs.js..extensions.enabledAddons: youtubeautoplaystopper%40grizzlyape.com:1.0.7
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.17
FF - prefs.js..extensions.enabledAddons: %7B7b1bf0b6-a1b9-42b0-b75d-252036438bdc%7D:6.4
FF - prefs.js..extensions.enabledAddons: info%40djzig.com:2.0.8
FF - prefs.js..network.proxy.ftp: "212.80.69.67"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "212.80.69.67"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "212.80.69.67"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "212.80.69.67"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027: C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040: C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Shaim\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Shaim\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013.04.19 04:35:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: false\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: false\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.21 00:01:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 21:36:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013.04.19 04:35:29 | 000,000,000 | ---D | M]

[2013.03.04 16:04:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Extensions
[2013.07.27 16:38:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions
[2013.03.21 00:50:48 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2013.07.27 16:38:13 | 000,000,000 | ---D | M] (Youtube High Definition) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
[2013.03.21 00:50:48 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2013.07.27 16:38:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.07.24 14:43:17 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2013.03.21 00:50:48 | 000,000,000 | ---D | M] (ÄŚeskĂ˝ slovnĂk pro kontrolu pravopisu) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\cs@dictionaries.addons.mozilla.org
[2013.03.21 00:50:48 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\info@djzig.com
[2012.04.30 04:51:17 | 000,025,781 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\add-to-searchbox@maltekraus.de.xpi
[2012.12.01 06:42:00 | 000,149,045 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\autofillForms@blueimp.net.xpi
[2012.08.06 17:48:56 | 000,129,271 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\checkplaces@andyhalford.com.xpi
[2012.10.28 07:29:30 | 000,046,326 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\memoryrestart@teamextension.com.xpi
[2013.04.06 05:15:35 | 000,057,194 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\save-as-pdf-ff@pdfcrowd.com.xpi
[2012.04.30 04:56:22 | 000,013,747 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\showpasswordoption@funke.de.xpi
[2012.12.12 05:34:25 | 000,104,361 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\tabutils@ithinc.cn.xpi
[2012.06.29 00:31:03 | 000,001,552 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\unseen@tangrs.xpi
[2013.03.21 13:22:16 | 000,031,379 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\youtubeautoplaystopper@grizzlyape.com.xpi
[2013.05.26 06:33:49 | 000,534,431 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2012.04.30 04:51:17 | 000,009,253 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}.xpi
[2013.07.24 14:43:25 | 000,534,063 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.12.24 13:29:46 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2012.09.07 03:51:36 | 000,080,872 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi
[2012.04.30 04:51:17 | 000,003,196 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{BAEC7B80-9A31-47b2-A68B-DCAC8DF48E87}.xpi
[2013.07.26 18:28:20 | 000,824,431 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.04.30 01:25:44 | 000,042,336 | ---- | M] () (No name found) -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi
[2012.05.04 02:44:42 | 000,000,921 | ---- | M] () -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\searchplugins\ebay.xml
[2012.06.21 00:40:48 | 000,000,874 | ---- | M] () -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\searchplugins\facebook.xml
[2012.05.04 02:45:08 | 000,002,057 | ---- | M] () -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\searchplugins\google-cz.xml
[2012.05.05 05:34:35 | 000,000,728 | ---- | M] () -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\searchplugins\php.xml
[2012.06.26 01:53:38 | 000,001,661 | ---- | M] () -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\searchplugins\uloto.xml
[2012.07.14 06:46:19 | 000,000,850 | ---- | M] () -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\searchplugins\whois.xml
[2012.05.04 02:41:46 | 000,001,231 | ---- | M] () -- C:\Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\searchplugins\youtube.xml
[2013.05.21 00:01:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.06.28 02:03:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.04.12 21:36:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\xampp\php\PEAR\PHPUnit\Extensions
[2013.04.12 21:36:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\xampp\php\PEAR\PHPUnit\Extensions\Database
[2003.01.13 16:08:06 | 000,499,712 | ---- | M] (Morgan Multimedia) -- C:\Program Files (x86)\mozilla firefox\plugins\npjp2.dll

========== Chrome ==========

CHR - homepage: about:blank
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: about:blank
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Shaim\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Shaim\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Shaim\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Morgan Multimedia JPEG2000 Netscape/Mozilla PlugIn (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Shaim\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Disk Google = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Session Manager = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: YouTube = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Chrome YouTube Downloader = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.16_0\
CHR - Extension: Adblock Plus = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.2_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: AdBlock = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: Eye Dropper = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka\0.2.6_0\
CHR - Extension: HTTP Headers = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hplfkkmefamockhligfdcfgfnbcdddbg\1.0.0.2_0\
CHR - Extension: FB unseen = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcedcpmfdpjijiamkaeaefgfagnnpei\0.1.7.7_0\
CHR - Extension: Cookie Manager = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbnfbcpkiaganjpcanopcgeoehkleeck\1.1_0\
CHR - Extension: Auto HD For YouTube = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\4.0.2_0\
CHR - Extension: Stop Autoplay for YouTube. = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh\0.11.5.24_0\
CHR - Extension: User-Agent Switcher = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkmofgnohbedopheiphabfhfjgkhfcgf\2.0_0\
CHR - Extension: Show Password on Focus = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogjaejebjmifpkiaafdnnpkkjnmopmhn\1.0.1_0\
CHR - Extension: Show Password on Focus = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogjaejebjmifpkiaafdnnpkkjnmopmhn\1.0.1_0\__MACOSX\._
CHR - Extension: Gmail = C:\Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.07.28 11:51:08 | 000,000,736 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [QuickTime Task] C:\Windows\SysWOW64\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001..\Run: [Shaim_Boomslang] C:\Program Files (x86)\Razer\Boomslang\razerhid.exe ()
O4 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001..\Run: [Shaim_Ext2 Volume Manager] C:\Program Files\Ext2Fsd\Ext2Mgr.exe (Ext2Fsd Group (www.ext2fsd.com))
O4 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001..\Run: [Shaim_Lycosa] C:\Program Files (x86)\Razer\Razer Lycosa\razerhid.exe (Razer USA Ltd.)
O4 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001..\Run: [Shaim_Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe ()
O4 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001..\Run: [Shaim_VirtuaWin] C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe (VirtuaWin)
O4 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25F2BCE8-5A55-4A72-8613-674A73854030}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25F2BCE8-5A55-4A72-8613-674A73854030}: NameServer = 192.168.1.254,8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0393E36-D68D-444C-B7BF-C3CA24E90B59}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0393E36-D68D-444C-B7BF-C3CA24E90B59}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.10.21 21:20:16 | 000,000,000 | ---D | M] - C:\autofill -- [ NTFS ]
O32 - AutoRun File - [2012.10.23 23:05:28 | 000,000,000 | ---D | M] - Z:\autofill -- [ NTFS ]
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.RTV1 - rtvcvfw64.dll ()
Drivers32:64bit: vidc.XVID - xvidvfw.dll ()
Drivers32: msacm.at3 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\SONY\atrac3.acm ()
Drivers32: msacm.CoreFLAC_ACM - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Core\CoreFLAC_ACM.acm ()
Drivers32: msacm.divxa32 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\DivX\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.imc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\imc32.acm (Intel Corporation)
Drivers32: msacm.l3acm - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\lameacm.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.msadpcm - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.pcdv - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Canopus\pcdv.acm (Canopus Co., Ltd.)
Drivers32: msacm.qmpeg - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\QDesign\qmpeg.acm (QDesign Corporation)
Drivers32: msacm.sl_anet - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\OGG\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.voxacm160 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\VoxWare\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.aas4 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Autodesk\aasc32.dll (Autodesk, Inc.)
Drivers32: vidc.aasc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Autodesk\aasc32.dll (Autodesk, Inc.)
Drivers32: vidc.advj - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll (Avid Technology, Inc)
Drivers32: vidc.advs - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Adaptec\dvc.dll (Adaptec)
Drivers32: vidc.aflc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll (Autodesk, Inc.)
Drivers32: vidc.afli - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll (Autodesk, Inc.)
Drivers32: vidc.ap41 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.asv1 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv1.dll ()

ŠtěpánkaP · #10 Příspěvek od **ŠtěpánkaP** » 28 črc 2013 19:48

log část 2:
Drivers32: vidc.asv2 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll ()
Drivers32: vidc.asvx - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll ()
Drivers32: vidc.avi1 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.avi2 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.avrn - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll (Avid Technology, Inc)
Drivers32: vidc.bt20 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv (Brooktree Corporation)
Drivers32: vidc.cdvc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Canopus\csccdvc.dll (Canopus Co., Ltd.)
Drivers32: vidc.cram - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.cscd - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\camcodec.dll (RenderSoft Software.)
Drivers32: vidc.cvid - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\iccvid.dll (Compression Technologies, Inc.)
Drivers32: vidc.davc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\dicas\davcvfw.dll (dicas)
Drivers32: vidc.dcap - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Pinnacle\mirodv2avi.dll (Pinnacle Systems)
Drivers32: vidc.dcmj - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.ddvc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Canopus\cscdvsd.dll (Canopus Co., Ltd.)
Drivers32: vidc.div3 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div4 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.div5 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div6 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.divx - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\DivX\DivX520.dll (DivXNetworks, Inc.)
Drivers32: vidc.dmb2 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.dv25 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.dv50 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.dvc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvcp - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.dvcs - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvsd - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvx4 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\DivX\DivX4.dll (DivXNetworks, Inc.)
Drivers32: vidc.em2v - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\etxcodec.dll (Etymonix Inc.)
Drivers32: vidc.frwa - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Forward\frwt.dll (Darim Vision Co.)
Drivers32: vidc.frwd - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll (Darim Vision Co.)
Drivers32: vidc.frwt - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll (Darim Vision Co.)
Drivers32: vidc.frwu - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Forward\frwu.dll (Darim Vision Co.)
Drivers32: vidc.gepj - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.glzw - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Gabest\glzw.dll (Gabest)
Drivers32: vidc.gpeg - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Gabest\gpeg.dll (Gabest)
Drivers32: vidc.gpjm - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Pinnacle\rtmjpgcdc.dll (Pinnacle Systems)
Drivers32: vidc.hfyu - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\i263_32.drv (Intel Corporation)
Drivers32: vidc.i420 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msh263.drv (Microsoft Corporation)
Drivers32: vidc.ipdv - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Panasonic\idvcodec.dll (Matsushita Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.)
Drivers32: vidc.ir21 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir21_r.dll ()
Drivers32: vidc.iv30 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv31 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv33 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv34 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv35 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv36 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv37 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv38 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv39 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv40 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv41 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv42 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv43 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv44 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv45 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv46 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv47 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv48 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv49 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv50 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.lead - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\LEAD\lcodccmp.dll (LEAD Technologies, Inc.)
Drivers32: vidc.m261 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msh261.drv (Microsoft Corporation)
Drivers32: vidc.m263 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msh263.drv (Microsoft Corporation)
Drivers32: vidc.miro - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Pinnacle\mirodv2avi.dll (Pinnacle Systems)
Drivers32: vidc.mjpa - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Pinnacle\rtmjpgcdc.dll (Pinnacle Systems)
Drivers32: vidc.mjpx - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Pegasus\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: vidc.mkvc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\kmvidc32.dll ()
Drivers32: vidc.mmes - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mmjp - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mp41 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp42 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp43 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp4s - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp4v - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mpg3 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.mpg4 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mrle - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msmc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.msvc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.mszh - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\avimszh.dll ()
Drivers32: vidc.mtx1 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx2 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx3 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx4 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx5 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx6 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx7 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx8 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx9 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mwv1 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Aware\icmw_32.dll (Aware Inc.)
Drivers32: vidc.nt00 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Newtek\ntcodec.dll (NewTek, Inc)
Drivers32: vidc.pdvc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Panasonic\idvcodec.dll (Matsushita Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.)
Drivers32: vidc.pim1 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Pinnacle\pclepim1.dll (Pinnacle Systems)
Drivers32: vidc.pimj - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Pegasus\pvljpg20.dll (Pegasus Imaging Corporation)
Drivers32: vidc.png1 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Core\CorePNG_vfw.dll ()
Drivers32: vidc.pvw2 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Pegasus\pvwv220.dll (Pegasus Imaging Corporation)
Drivers32: vidc.q1.0 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\qpeg32.dll (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany)
Drivers32: vidc.qpeg - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\qpeg32.dll (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany)
Drivers32: vidc.rmp4 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\REALmagic\rmp4.dll ()
Drivers32: vidc.rt21 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\ir21_r.dll ()
Drivers32: VIDC.RTV1 - C:\Windows\SysWow64\rtvcvfw32.dll ()
Drivers32: vidc.rud0 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Rududu\rududu.dll (nico)
Drivers32: vidc.s422 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Tekram\tekyuv.dll ()
Drivers32: vidc.sjpg - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.sony - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.t420 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Toshiba\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.tscc - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.uyvy - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.vcr1 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\ATI\ativcr1.dll (ATI Technologies, Inc.)
Drivers32: vidc.vcr2 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\ATI\ativcr2.dll (ATI Technologies, Inc.)
Drivers32: vidc.vifp - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\vfcodec.dll ()
Drivers32: vidc.vixl - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\MIRO\miroxl32.dll (Pinnacle Systems)
Drivers32: vidc.vp30 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp31vfw.dll (On2.com)
Drivers32: vidc.vp31 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp31vfw.dll (On2.com)
Drivers32: vidc.vp60 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp6vfw.dll (On2.com)
Drivers32: vidc.vssv - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Vanguard Software Sollutions\vsscodec.dll (Vanguard Software Solutions, Inc.)
Drivers32: vidc.wmv3 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.wnv1 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\wnvplay1.dll (Winnov)
Drivers32: vidc.wrpr - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\aviwrap.dll ()
Drivers32: vidc.xvid - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\XviD\xvidvfw.dll ()
Drivers32: vidc.y411 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Toshiba\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.y41p - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv (Brooktree Corporation)
Drivers32: vidc.yuy2 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\ATI\atiyuv12.dll ()
Drivers32: vidc.yvu9 - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Intel\iyvu9_32.dll ()
Drivers32: vidc.yvyu - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\Microsoft\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.zlib - C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\avizlib.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.07.28 13:54:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Shaim\Desktop\OTL.exe
[2013.07.28 11:42:54 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2013.07.28 11:42:54 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2013.07.28 07:32:02 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.28 06:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\Rsit
[2013.07.27 18:20:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.07.27 17:36:32 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.07.27 17:36:31 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.07.27 17:36:31 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.07.27 17:36:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.07.27 17:36:31 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.07.27 17:36:31 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.07.27 17:36:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.07.27 17:36:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.07.27 17:36:31 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.07.27 17:36:31 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.07.27 17:36:31 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.07.27 17:36:29 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.07.27 17:36:29 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.07.27 17:36:29 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.07.27 17:36:29 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.07.27 16:56:07 | 141,800,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Users\Shaim\Documents\13-4_win7_win8_64_dd_ccc_whql.exe
[2013.02.10 09:27:08 | 000,636,928 | ---- | C] (Steppschuh) -- C:\Program Files (x86)\SleepTimer.exe
[189 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.07.28 14:02:56 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.28 14:01:19 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce7f5b672ff3e9.job
[2013.07.28 13:54:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shaim\Desktop\OTL.exe
[2013.07.28 13:51:46 | 290,506,802 | ---- | M] () -- C:\Users\Shaim\Documents\Nepotvrzeno 622186.crdownload
[2013.07.28 13:42:04 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001UA1ce7f2ed09c7ca3.job
[2013.07.28 13:33:30 | 000,036,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.28 13:33:30 | 000,036,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.28 13:15:14 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.28 11:51:08 | 000,000,736 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.07.28 11:33:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.28 08:05:05 | 003,356,099 | ---- | M] () -- C:\Users\Shaim\Documents\IMG_6303.JPG
[2013.07.28 08:05:04 | 003,941,543 | ---- | M] () -- C:\Users\Shaim\Documents\IMG_6301.JPG
[2013.07.28 08:05:04 | 003,488,634 | ---- | M] () -- C:\Users\Shaim\Documents\IMG_6299.JPG
[2013.07.28 08:05:04 | 003,075,329 | ---- | M] () -- C:\Users\Shaim\Documents\IMG_6300.JPG
[2013.07.28 07:45:48 | 001,935,958 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.28 07:45:48 | 000,793,602 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.28 07:45:48 | 000,778,262 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.28 07:45:48 | 000,191,460 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.28 07:45:48 | 000,167,346 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.28 07:31:15 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.28 07:28:56 | 004,903,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.28 07:27:36 | 2116,849,663 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.28 06:55:59 | 000,449,344 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.16162752
[2013.07.28 06:50:05 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.07.27 20:42:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001Core.job
[2013.07.27 17:13:29 | 141,800,360 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Users\Shaim\Documents\13-4_win7_win8_64_dd_ccc_whql.exe
[2013.07.27 16:58:28 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.07.27 16:58:28 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.07.27 16:51:02 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[189 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.07.28 14:03:26 | 000,220,083 | ---- | C] () -- C:\Users\Shaim\Documents\Fotografia1253.jpg
[2013.07.28 14:02:56 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.28 14:01:51 | 000,034,343 | ---- | C] () -- C:\Users\Shaim\Documents\1373472730359(1).jpg
[2013.07.28 14:01:34 | 000,034,343 | ---- | C] () -- C:\Users\Shaim\Documents\1373472730359.jpg
[2013.07.28 13:51:40 | 250,084,058 | ---- | C] () -- C:\Users\Shaim\Documents\Nepotvrzeno 622186.crdownload
[2013.07.28 08:05:05 | 003,356,099 | ---- | C] () -- C:\Users\Shaim\Documents\IMG_6303.JPG
[2013.07.28 08:05:04 | 003,941,543 | ---- | C] () -- C:\Users\Shaim\Documents\IMG_6301.JPG
[2013.07.28 08:05:04 | 003,075,329 | ---- | C] () -- C:\Users\Shaim\Documents\IMG_6300.JPG
[2013.07.28 08:05:03 | 003,488,634 | ---- | C] () -- C:\Users\Shaim\Documents\IMG_6299.JPG
[2013.07.28 07:27:46 | 004,903,488 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.06.15 02:15:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.06.04 09:16:58 | 000,000,071 | ---- | C] () -- C:\Users\Shaim\mercurial.ini
[2013.06.04 09:15:26 | 000,002,182 | ---- | C] () -- C:\Users\Shaim\.kdiff3rc
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.03.29 03:38:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.03.29 03:38:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.01.03 23:34:45 | 000,004,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013.01.03 23:03:07 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2012.12.30 20:29:55 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.30 20:29:55 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.30 20:29:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.30 20:29:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.30 20:29:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.12.14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.12.14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.10.21 16:28:04 | 000,000,346 | ---- | C] () -- C:\Users\Shaim\AppData\Roaming\Digital Clock_Settings.ini
[2012.10.21 16:27:41 | 000,000,381 | ---- | C] () -- C:\Users\Shaim\AppData\Roaming\Network Meter_Settings.ini
[2012.10.21 16:26:59 | 000,000,800 | ---- | C] () -- C:\Users\Shaim\AppData\Roaming\Drives Meter_Settings.ini
[2012.10.21 02:58:10 | 000,000,548 | ---- | C] () -- C:\Windows\ampa.ini
[2012.10.21 01:45:14 | 002,468,520 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2012.10.21 01:45:14 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2012.10.21 01:45:13 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2012.10.21 01:45:13 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2012.10.21 01:45:13 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2012.10.21 01:44:41 | 001,645,496 | ---- | C] () -- C:\Windows\ampa.exe
[2012.10.21 01:44:41 | 000,012,728 | ---- | C] () -- C:\Windows\SysWow64\ampa.sys
[2012.09.28 22:53:49 | 000,000,543 | ---- | C] () -- C:\Users\Shaim\AppData\Roaming\All CPU MeterV3_Settings.ini
[2012.09.28 16:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012.09.27 08:19:09 | 000,000,702 | ---- | C] () -- C:\Windows\mmtvmj.ini
[2012.09.27 08:19:08 | 000,000,761 | ---- | C] () -- C:\Windows\m3jp2k.ini
[2012.09.27 08:19:08 | 000,000,714 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2012.09.27 08:19:05 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\cpuinf32.dll
[2012.09.27 08:19:03 | 000,152,064 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.09.04 00:51:33 | 000,002,623 | ---- | C] () -- C:\Windows\Irremote.ini
[2012.07.27 22:19:42 | 000,000,290 | ---- | C] () -- C:\Users\Shaim\AppData\Roaming\GPU MeterV2_Settings.ini
[2012.06.01 00:30:41 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.06.01 00:30:41 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.05.21 22:39:12 | 000,000,132 | ---- | C] () -- C:\Users\Shaim\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.05.21 12:09:36 | 000,755,572 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.05.21 12:09:36 | 000,559,972 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.05.05 21:30:37 | 000,000,513 | ---- | C] () -- C:\Users\Shaim\AppData\Roaming\GPU Monitor_GPU_Settings.ini
[2012.05.04 18:42:01 | 001,914,244 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.05.04 03:26:59 | 000,000,826 | RHS- | C] () -- C:\Users\Shaim\ntuser.pol
[2012.05.02 19:23:38 | 000,000,600 | ---- | C] () -- C:\Users\Shaim\AppData\Local\PUTTY.RND
[2012.05.01 03:56:53 | 000,000,017 | ---- | C] () -- C:\Users\Shaim\AppData\Local\resmon.resmoncfg
[2012.04.30 04:51:19 | 022,315,008 | ---- | C] () -- C:\Users\Shaim\fbchathistory.dat
[2012.04.30 01:34:01 | 000,000,412 | ---- | C] () -- C:\Users\Shaim\AppData\Roaming\All CPU Meter_Settings.ini
[2012.04.30 00:48:39 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 15:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 15:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.04.11 22:30:54 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\ESET
[2012.11.25 07:38:19 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\HTC
[2012.10.12 04:43:13 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\PC Suite
[2013.04.11 22:30:49 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Subversion
[2012.07.17 11:46:58 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\VirtuaWin
[2013.03.13 21:34:45 | 000,000,000 | -HSD | M] -- C:\Users\Shaim\AppData\Roaming\64D6EC
[2013.06.04 12:36:49 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Actual Search & Replace
[2013.03.23 19:22:31 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\AnvSoft
[2013.06.10 05:35:17 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Audacity
[2013.04.28 21:43:21 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\avidemux
[2013.04.19 12:45:04 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Bitcoin
[2012.11.18 22:43:33 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Broad Intelligence
[2013.04.04 23:30:08 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Curse Advertising
[2013.03.04 15:21:03 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\DVDVideoSoft
[2013.03.13 21:36:46 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\ESET
[2013.06.14 10:14:09 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\GHISLER
[2012.05.02 04:51:24 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Gmail Backup
[2012.11.08 22:34:23 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\HTC
[2013.07.28 06:50:46 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\LolClient
[2012.04.30 15:11:06 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\MAXON
[2012.07.29 21:48:44 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\NetBeans
[2012.05.29 03:06:52 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\OpenCandy
[2012.04.30 05:05:12 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Opera
[2012.10.11 20:51:14 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\PC Suite
[2013.03.06 21:07:00 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\PDF Writer
[2013.04.19 04:52:06 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\poclbm
[2012.04.30 05:06:24 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\QIP
[2013.04.15 00:50:49 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Razer
[2012.04.30 03:25:08 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Reviversoft
[2013.03.18 22:12:21 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\RobotSoft
[2013.03.04 15:21:09 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Seagate
[2012.04.30 03:24:48 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Smart PC Solutions
[2013.03.04 15:21:09 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.11.01 00:16:58 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Subversion
[2013.01.12 19:23:06 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Thunderbird
[2012.11.10 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\TomTom
[2013.05.13 03:23:38 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Ulozto File Manager
[2013.07.28 06:49:21 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\uTorrent
[2012.11.11 23:31:13 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\VeryAndroid
[2012.05.01 05:33:41 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\VirtuaWin
[2013.03.07 02:16:21 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\WinMount
[2012.06.07 19:51:28 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\{3d7b3526-fa5f-4072-a4b7-a0ad05e28521}
[2012.05.31 23:07:56 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\{f0de8f3b-8aa8-47d1-b639-bcf14af1c98f}

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,546 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.05.08 20:25:42 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.02.07 20:20:22 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.02.10 13:11:11 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001Core.job
[2013.07.12 20:37:08 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001UA1ce7f2ed09c7ca3.job
[2013.07.13 01:56:19 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7f5b672ff3e9.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2012.11.13 15:07:52 | 003,906,584 | ---- | M] (Safer-Networking Ltd.) MD5=E4A0900CF535888DDD85B10040CA3E34 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\erdnt\cache64\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[180 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.03.13 21:34:45 | 000,000,000 | -HSD | M] -- C:\Users\Shaim\AppData\Roaming\64D6EC
[2013.06.04 12:36:49 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Actual Search & Replace
[2013.03.11 17:48:34 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Adobe
[2013.02.10 20:48:18 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Adobe Mini Bridge CS5
[2013.03.23 19:22:31 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\AnvSoft
[2013.03.04 15:21:03 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Apple Computer
[2013.06.15 02:16:47 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\ATI
[2013.06.10 05:35:17 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Audacity
[2013.04.28 21:43:21 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\avidemux
[2013.04.19 12:45:04 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Bitcoin
[2012.11.18 22:43:33 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Broad Intelligence
[2013.04.04 23:30:08 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Curse Advertising
[2012.07.10 22:03:34 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Download Manager
[2013.03.04 15:21:03 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\DVDVideoSoft
[2013.03.13 21:36:46 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\ESET
[2013.06.14 10:14:09 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\GHISLER
[2012.05.02 04:51:24 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Gmail Backup
[2012.11.08 22:34:23 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\HTC
[2012.10.21 04:49:48 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Intel Corporation
[2013.07.28 06:50:46 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\LolClient
[2012.11.10 16:02:34 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Macromedia
[2012.11.04 23:35:57 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Malwarebytes
[2012.04.30 15:11:06 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\MAXON
[2013.06.14 10:28:31 | 000,000,000 | --SD | M] -- C:\Users\Shaim\AppData\Roaming\Microsoft
[2013.03.04 16:04:45 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Mozilla
[2012.07.29 21:48:44 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\NetBeans
[2012.05.29 03:06:52 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\OpenCandy
[2012.04.30 05:05:12 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Opera
[2012.10.11 20:51:14 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\PC Suite
[2013.03.06 21:07:00 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\PDF Writer
[2013.04.19 04:52:06 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\poclbm
[2012.04.30 05:06:24 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\QIP
[2013.04.15 00:50:49 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Razer
[2013.04.07 23:59:32 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Real
[2012.04.30 03:25:08 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Reviversoft
[2013.03.18 22:12:21 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\RobotSoft
[2013.03.04 15:21:09 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Seagate
[2012.04.30 03:24:48 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Smart PC Solutions
[2013.03.04 15:21:09 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.11.01 00:16:58 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Subversion
[2013.01.12 19:23:06 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Thunderbird
[2012.11.10 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\TomTom
[2013.07.28 14:08:54 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\tor
[2013.06.14 12:57:58 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\TortoiseHg
[2012.10.27 21:22:01 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\TortoiseSVN
[2013.05.13 03:23:38 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Ulozto File Manager
[2013.07.28 06:49:21 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\uTorrent
[2012.11.11 23:31:13 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\VeryAndroid
[2012.05.01 05:33:41 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\VirtuaWin
[2013.07.28 07:26:09 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\vlc
[2012.07.31 19:49:35 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\VMware
[2013.07.28 06:49:21 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\Winamp
[2013.03.07 02:16:21 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\WinMount
[2012.04.30 00:51:26 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\WinRAR
[2012.06.07 19:51:28 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\{3d7b3526-fa5f-4072-a4b7-a0ad05e28521}
[2012.05.31 23:07:56 | 000,000,000 | ---D | M] -- C:\Users\Shaim\AppData\Roaming\{f0de8f3b-8aa8-47d1-b639-bcf14af1c98f}

< %APPDATA%\*.exe /s >
[2010.12.22 12:57:08 | 000,011,264 | ---- | M] (Fibonacci Software) -- C:\Users\Shaim\AppData\Roaming\{3d7b3526-fa5f-4072-a4b7-a0ad05e28521}\bump.exe
[2010.12.22 12:57:08 | 000,011,264 | ---- | M] (Fibonacci Software) -- C:\Users\Shaim\AppData\Roaming\{f0de8f3b-8aa8-47d1-b639-bcf14af1c98f}\bump.exe
[2012.10.23 00:28:33 | 000,011,264 | R--- | M] () -- C:\Users\Shaim\AppData\Roaming\Microsoft\Installer\{98613C99-1399-416C-A07C-1EE1C585D872}\Icon98613C992.exe
[2012.05.29 03:06:56 | 000,789,216 | ---- | M] () -- C:\Users\Shaim\AppData\Roaming\OpenCandy\1B1D1D7EB8584E2E80B2874808FB7F71\RealPlayerR71POC6_p2v1.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.07.28 14:15:14 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.28 07:31:15 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.28 14:01:19 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7f5b672ff3e9.job
[2013.07.27 20:42:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001Core.job
[2013.07.28 13:42:04 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001UA1ce7f2ed09c7ca3.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.07.27 16:58:28 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2013.07.27 16:58:28 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Shaim_VirtuaWin" = "C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe" -- [2010.09.04 11:20:26 | 000,135,680 | ---- | M] (VirtuaWin)
"Shaim_Vidalia" = "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe" -- [2012.07.28 22:35:30 | 006,172,985 | ---- | M] ()
"Shaim_Lycosa" = "C:\Program Files (x86)\Razer\Razer Lycosa\razerhid.exe" -- [2011.03.21 21:01:46 | 000,233,984 | ---- | M] (Razer USA Ltd.)
"Shaim_Ext2 Volume Manager" = C:\Program Files\Ext2Fsd\Ext2Mgr.exe -quiet -- [2011.02.05 09:12:42 | 001,211,536 | ---- | M] (Ext2Fsd Group (www.ext2fsd.com))
"Shaim_Boomslang" = C:\Program Files (x86)\Razer\Boomslang\razerhid.exe -- [2009.11.23 14:57:46 | 000,147,456 | ---- | M] ()
"GoogleDriveSync" = "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart -- [2013.06.06 23:57:24 | 019,676,256 | ---- | M] (Google)
"Google Update" = "C:\Users\Shaim\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.05.30 00:18:05 | 000,116,648 | ---- | M] (Google Inc.)
"Spybot-S&D Cleaning" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean -- [2012.11.13 15:07:26 | 003,713,032 | ---- | M] (Safer-Networking Ltd.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.06.28 02:03:13 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=C8D28F8B498CADBB9445AC4545BD41B7 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.06.12 02:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2013.07.28 06:45:20 | 000,879,456 | ---- | M] (Opera Software) MD5=FFC67949EF7C2BF307ED91B293581DD2 -- C:\Program Files (x86)\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.07.28 14:02:56 | 000,000,512 | ---- | M] () MD5=60BEFB853ABEAAA158AD1B95D24BADD9 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.07.14 13:47:54 | 000,000,100 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\cstrike\materials\concrete\prodwllecracked.vmt
[2010.07.14 13:47:54 | 000,174,968 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\cstrike\materials\concrete\prodwllecracked.vtf
[2010.07.14 14:13:06 | 000,000,540 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\Glass\glasswindow018a_cracked.vmt
[2010.07.14 14:13:06 | 000,022,064 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\Glass\glasswindow018a_cracked.vtf
[2013.03.17 08:03:00 | 000,004,125 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\CrackedCom.class

< *keygen* /s >

ŠtěpánkaP · #11 Příspěvek od **ŠtěpánkaP** » 28 črc 2013 19:48

log část 3:
< *loader* /s >
[189 \Program Files (x86)\*.tmp files -> \Program Files (x86)\*.tmp -> ]
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.11.27 06:47:27 | 000,020,992 | ---- | M] () -- \Program Files (x86)\Avidemux\libADM_coreImageLoader6.dll
[2012.11.27 06:47:27 | 000,002,326 | ---- | M] () -- \Program Files (x86)\Avidemux\libADM_coreImageLoader6.dll.a
[2012.08.29 19:39:17 | 000,000,195 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.03.18 23:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.18 00:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2013.03.09 08:17:04 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:17:04 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010.07.14 14:14:11 | 000,000,179 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loaderCHROME.vmt
[2010.07.14 14:14:11 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loaderCHROME.vtf
[2010.07.14 14:14:11 | 000,000,073 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_base.vmt
[2010.07.14 14:14:11 | 000,011,128 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_base.vtf
[2010.07.14 14:14:11 | 000,000,080 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_base_panels.vmt
[2010.07.14 14:14:11 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_base_panels.vtf
[2010.07.14 14:14:11 | 000,000,079 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_base_sides.vmt
[2010.07.14 14:14:11 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_base_sides.vtf
[2010.07.14 14:14:11 | 000,000,079 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_body_hatch.vmt
[2010.07.14 14:14:11 | 000,011,128 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_body_hatch.vtf
[2010.07.14 14:14:11 | 000,000,078 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_body_side.vmt
[2010.07.14 14:14:11 | 000,011,128 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_body_side.vtf
[2010.07.14 14:14:11 | 000,000,184 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_darkCHROME.vmt
[2010.07.14 14:14:11 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_darkCHROME.vtf
[2010.07.14 14:14:11 | 000,000,073 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_head.vmt
[2010.07.14 14:14:11 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_head.vtf
[2010.07.14 14:14:11 | 000,000,078 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_leg_hydro.vmt
[2010.07.14 14:14:11 | 000,001,512 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_leg_hydro.vtf
[2010.07.14 14:14:11 | 000,000,082 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_leg_hydro_cut.vmt
[2010.07.14 14:14:11 | 000,000,888 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_leg_hydro_cut.vtf
[2010.07.14 14:14:11 | 000,000,078 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_leg_side1.vmt
[2010.07.14 14:14:11 | 000,011,048 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_leg_side1.vtf
[2010.07.14 14:14:11 | 000,000,186 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_steelchrome1.vmt
[2010.07.14 14:14:11 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source 2010\hl2\materials\PerfTest\loader\loader_steelchrome1.vtf
[2013.01.25 10:09:04 | 000,154,624 | ---- | M] () -- \Program Files (x86)\DMC Devi May Cry\Binaries\Win32\NTPhysX_Loader_x86_r.dll
[2013.01.25 10:09:12 | 000,058,368 | ---- | M] () -- \Program Files (x86)\DMC Devi May Cry\Binaries\Win32\NTPhysX_Loader_x86_s.dll
[2013.01.25 10:09:06 | 000,064,280 | ---- | M] () -- \Program Files (x86)\DMC Devi May Cry\Binaries\Win32\PhysXLoader.dll
[2012.02.07 13:06:20 | 000,214,528 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.exe
[2012.02.07 13:06:20 | 000,593,293 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.jar
[2012.02.07 13:06:20 | 000,219,264 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderPortable.exe
[2012.04.30 01:17:53 | 000,000,105 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2012.10.08 22:47:23 | 000,011,071 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2013.02.17 09:22:54 | 000,004,584 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2013.06.03 14:06:59 | 000,003,880 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\UploaderJp.class
[2012.10.08 22:46:57 | 000,007,073 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\UploaderPl.class
[2012.02.07 13:06:20 | 000,032,222 | ---- | M] () -- \Program Files (x86)\JDownloader\licenses\jdownloader.license
[2012.02.16 15:44:38 | 000,000,404 | ---- | M] () -- \Program Files (x86)\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.233\deploy\assets\storeImages\layout\small_loader.gif
[2012.02.16 15:44:38 | 000,000,404 | ---- | M] () -- \Program Files (x86)\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.33\deploy\assets\storeImages\layout\small_loader.gif
[2013.07.24 14:42:29 | 000,001,415 | ---- | M] () -- \Program Files (x86)\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.33\deploy\mod\cfct\assets\FeaturedContentLoaderAssets.swf
[2010.08.27 19:43:08 | 000,071,008 | ---- | M] () -- \Program Files (x86)\Mafia II\pc\PhysXLoader.dll
[2009.07.22 10:17:52 | 000,019,992 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2010.03.18 23:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll
[2010.03.18 01:57:18 | 000,001,373 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll.manifest
[2010.03.18 00:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.tlb
[2009.08.31 04:51:22 | 000,001,648 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\include\afxribboninfoloader.h
[2009.08.31 04:51:22 | 000,004,525 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\src\mfc\afxribboninfoloader.cpp
[2011.06.11 11:35:48 | 000,015,342 | ---- | M] () -- \Program Files (x86)\Mozilla Firefox\xampp\tomcat\webapps\docs\class-loader-howto.html
[2011.06.11 11:35:48 | 000,013,138 | ---- | M] () -- \Program Files (x86)\Mozilla Firefox\xampp\tomcat\webapps\docs\config\loader.html
[2010.08.05 16:33:12 | 000,034,304 | ---- | M] () -- \Program Files (x86)\MSI Kombustor\KLoaderWin32.exe
[2011.07.06 12:55:18 | 000,064,352 | ---- | M] () -- \Program Files (x86)\MSI Kombustor\PhysXLoader.dll
[2011.12.01 19:03:26 | 000,019,056 | ---- | M] () -- \Program Files (x86)\NeoSmart Technologies\EasyBCD\bin\NST Downloader.exe
[2012.07.17 15:46:51 | 000,000,484 | ---- | M] () -- \Program Files (x86)\NetBeans 7.2\ergonomics\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2012.07.17 15:47:12 | 000,002,941 | ---- | M] () -- \Program Files (x86)\NetBeans 7.2\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2012.07.17 15:47:11 | 000,000,411 | ---- | M] () -- \Program Files (x86)\NetBeans 7.2\platform\config\Modules\org-openide-loaders.xml
[2012.07.29 21:40:00 | 001,385,337 | ---- | M] () -- \Program Files (x86)\NetBeans 7.2\platform\modules\org-openide-loaders.jar
[2012.07.29 21:39:58 | 000,007,120 | ---- | M] () -- \Program Files (x86)\NetBeans 7.2\platform\modules\locale\org-openide-loaders_ja.jar
[2012.07.29 21:39:57 | 000,006,546 | ---- | M] () -- \Program Files (x86)\NetBeans 7.2\platform\modules\locale\org-openide-loaders_pt_BR.jar
[2012.07.29 21:39:57 | 000,007,665 | ---- | M] () -- \Program Files (x86)\NetBeans 7.2\platform\modules\locale\org-openide-loaders_ru.jar
[2012.07.29 21:39:56 | 000,006,741 | ---- | M] () -- \Program Files (x86)\NetBeans 7.2\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2012.07.29 21:41:05 | 000,000,800 | ---- | M] () -- \Program Files (x86)\NetBeans 7.2\platform\update_tracking\org-openide-loaders.xml
[2009.05.31 04:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.20 08:59:58 | 000,127,640 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderATA.xss
[2011.10.20 08:22:14 | 000,111,264 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderSCSI.xss
[2011.10.20 09:00:02 | 000,046,944 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderUSB.xss
[2013.06.07 00:30:29 | 000,028,160 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\MeshDownloader.exe
[2013.06.07 00:32:56 | 000,000,546 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\CustomClasses\DeathKnight\SubLoader.lua
[2013.06.07 00:32:56 | 000,000,604 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\CustomClasses\Druid\SubLoader.lua
[2013.06.07 00:32:55 | 000,000,538 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\CustomClasses\Hunter\SubLoader.lua
[2013.06.07 00:32:54 | 000,000,509 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\CustomClasses\Mage\SubLoader.lua
[2013.06.07 00:32:54 | 000,000,526 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\CustomClasses\Monk\SubLoader.lua
[2013.06.07 00:32:53 | 000,000,532 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\CustomClasses\Paladin\SubLoader.lua
[2013.06.07 00:32:53 | 000,000,526 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\CustomClasses\Priest\SubLoader.lua
[2013.06.07 00:32:52 | 000,000,528 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\CustomClasses\Rogue\SubLoader.lua
[2013.06.07 00:32:52 | 000,000,537 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\CustomClasses\Shaman\SubLoader.lua
[2013.06.07 00:32:51 | 000,000,542 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\CustomClasses\Warlock\SubLoader.lua
[2013.06.07 00:32:51 | 000,000,528 | ---- | M] () -- \Program Files (x86)\World of Warcraft\CrawlerBots\CustomClasses\Warrior\SubLoader.lua
[2013.03.08 05:43:51 | 000,000,078 | ---- | M] () -- \Program Files (x86)\World of Warcraft\WTF\Account\SHAIMAGAL\SavedVariables\AtlasLoot_Loader.lua
[2009.01.14 14:22:40 | 000,068,096 | ---- | M] () -- \Program Files (x86)\xampp\MercuryMail\loader.exe
[2009.12.20 00:00:00 | 000,014,987 | ---- | M] () -- \Program Files (x86)\xampp\perl\lib\AutoLoader.pm
[2009.12.20 00:00:00 | 000,025,806 | ---- | M] () -- \Program Files (x86)\xampp\perl\lib\DynaLoader.pm
[2009.12.20 00:00:00 | 000,017,341 | ---- | M] () -- \Program Files (x86)\xampp\perl\lib\SelfLoader.pm
[2009.12.20 00:00:00 | 000,010,882 | ---- | M] () -- \Program Files (x86)\xampp\perl\lib\XSLoader.pm
[2009.12.20 00:00:00 | 000,001,329 | ---- | M] () -- \Program Files (x86)\xampp\perl\lib\Locale\Maketext\GutsLoader.pm
[2009.12.20 00:00:00 | 000,001,027 | ---- | M] () -- \Program Files (x86)\xampp\perl\site\lib\Apache2\XSLoader.pm
[2009.12.20 00:00:00 | 000,001,031 | ---- | M] () -- \Program Files (x86)\xampp\perl\site\lib\APR\XSLoader.pm
[2009.12.20 00:00:00 | 000,010,700 | ---- | M] () -- \Program Files (x86)\xampp\perl\site\lib\ModPerl\RegistryLoader.pm
[2008.12.22 12:17:01 | 000,006,914 | ---- | M] () -- \Program Files (x86)\xampp\php\PEAR\PEAR\Autoloader.php
[2008.12.22 12:17:01 | 000,070,142 | ---- | M] () -- \Program Files (x86)\xampp\php\PEAR\PEAR\Downloader.php
[2011.08.05 10:19:10 | 000,005,449 | ---- | M] () -- \Program Files (x86)\xampp\php\PEAR\PHPUnit\Runner\StandardTestSuiteLoader.php
[2011.08.05 10:19:10 | 000,002,817 | ---- | M] () -- \Program Files (x86)\xampp\php\PEAR\PHPUnit\Runner\TestSuiteLoader.php
[2011.08.05 10:19:11 | 000,004,758 | ---- | M] () -- \Program Files (x86)\xampp\php\PEAR\PHPUnit\Util\Fileloader.php
[2008.12.22 12:52:24 | 000,004,609 | ---- | M] () -- \Program Files (x86)\xampp\php\PEAR\PHPUnit2\Runner\StandardTestSuiteLoader.php
[2008.12.22 12:52:24 | 000,003,186 | ---- | M] () -- \Program Files (x86)\xampp\php\PEAR\PHPUnit2\Runner\TestSuiteLoader.php
[2008.12.22 12:52:24 | 000,003,767 | ---- | M] () -- \Program Files (x86)\xampp\php\PEAR\PHPUnit2\Util\Fileloader.php
[2011.06.11 11:35:48 | 000,015,342 | ---- | M] () -- \Program Files (x86)\xampp\tomcat\webapps\docs\class-loader-howto.html
[2011.06.11 11:35:48 | 000,013,138 | ---- | M] () -- \Program Files (x86)\xampp\tomcat\webapps\docs\config\loader.html
[2013.03.09 08:52:18 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:52:18 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2008.12.06 18:13:52 | 000,001,070 | ---- | M] () -- \Program Files\MediaCoder\extensions\_include\loader.html
[2009.07.22 10:17:50 | 000,027,672 | ---- | M] () -- \Program Files\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2009.07.22 10:17:50 | 000,027,672 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SqlResourceLoader.dll
[2012.06.09 20:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.07.28 07:23:18 | 000,333,713 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip
[2013.06.04 11:49:33 | 000,001,118 | ---- | M] () -- \qrsos.eu\sub\dev\core\dvoo\Dwoo\ILoader.php
[2013.06.04 11:49:34 | 000,005,385 | ---- | M] () -- \qrsos.eu\sub\dev\core\dvoo\Dwoo\Loader.php
[2013.06.04 11:51:26 | 000,002,545 | ---- | M] () -- \qrsos.eu\sub\dev\templates\main\images\facebook\loader.gif
[2013.06.04 11:52:16 | 000,006,351 | ---- | M] () -- \qrsos.eu\sub\dev\tinymce\jscripts\tiny_mce\plugins\ccSimpleUploader\uploader.php
[2013.06.04 11:52:16 | 000,000,671 | ---- | M] () -- \qrsos.eu\sub\dev\tinymce\jscripts\tiny_mce\plugins\ccSimpleUploader\img\ccSimpleUploader.png
[2013.06.04 11:52:35 | 000,000,212 | ---- | M] () -- \qrsos.eu\sub\dev\tinymce\jscripts\tiny_mce\plugins\jbimages\ci\application\config\uploader_settings.php
[2013.06.04 11:52:44 | 000,027,479 | ---- | M] () -- \qrsos.eu\sub\dev\tinymce\jscripts\tiny_mce\plugins\jbimages\ci\system\core\Loader.php
[2013.06.04 11:49:33 | 000,001,118 | ---- | M] () -- \qrsos.eu\web\core\dvoo\Dwoo\ILoader.php
[2013.06.04 11:49:34 | 000,005,385 | ---- | M] () -- \qrsos.eu\web\core\dvoo\Dwoo\Loader.php
[2013.06.04 11:51:26 | 000,002,545 | ---- | M] () -- \qrsos.eu\web\templates\main\images\facebook\loader.gif
[2013.06.04 11:52:16 | 000,006,351 | ---- | M] () -- \qrsos.eu\web\tinymce\jscripts\tiny_mce\plugins\ccSimpleUploader\uploader.php
[2013.06.04 11:52:16 | 000,000,671 | ---- | M] () -- \qrsos.eu\web\tinymce\jscripts\tiny_mce\plugins\ccSimpleUploader\img\ccSimpleUploader.png
[2013.06.04 11:52:35 | 000,000,212 | ---- | M] () -- \qrsos.eu\web\tinymce\jscripts\tiny_mce\plugins\jbimages\ci\application\config\uploader_settings.php
[2013.06.04 11:52:44 | 000,027,479 | ---- | M] () -- \qrsos.eu\web\tinymce\jscripts\tiny_mce\plugins\jbimages\ci\system\core\Loader.php
[2013.07.28 07:23:18 | 000,333,713 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip
[2012.12.09 03:07:02 | 000,005,950 | ---- | M] () -- \Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NMRWAS4Y\loader[1].gif
[2013.07.27 21:33:36 | 000,002,867 | ---- | M] () -- \Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.16_0\css\Chrome-YouTube-Downloader.css
[2013.07.27 21:33:36 | 000,009,123 | ---- | M] () -- \Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.16_0\script\Chrome-YouTube-Downloader.js
[2013.07.27 21:33:28 | 000,003,208 | ---- | M] () -- \Users\Shaim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.2_0\skin\ajax-loader.gif
[2005.06.20 15:45:24 | 000,000,544 | ---- | M] () -- \Users\Shaim\AppData\Local\Macromedia\Flash 8\en\Configuration\Classes\FP7\MovieClipLoader.as
[2005.06.20 15:45:26 | 000,000,544 | ---- | M] () -- \Users\Shaim\AppData\Local\Macromedia\Flash 8\en\Configuration\Classes\FP8\MovieClipLoader.as
[2005.07.13 12:06:52 | 000,010,454 | ---- | M] () -- \Users\Shaim\AppData\Local\Macromedia\Flash 8\en\Configuration\Classes\mx\controls\Loader.as
[2009.07.17 13:39:42 | 000,189,696 | ---- | M] () -- \Users\Shaim\AppData\Local\Temp\prLoader.dll
[2 \Users\Shaim\AppData\Local\Temp\*.tmp files -> \Users\Shaim\AppData\Local\Temp\*.tmp -> ]
[2013.07.28 07:30:55 | 000,008,192 | ---- | M] () -- \Users\Shaim\AppData\Local\Temp\_MEI33562\_win32sysloader.pyd
[2009.07.17 13:39:42 | 000,189,696 | ---- | M] () -- \Users\Shaim\AppData\Local\Temp\AVCBack\prLoader.dll
[2012.04.18 00:39:24 | 000,010,145 | ---- | M] () -- \Users\Shaim\AppData\Roaming\Mozilla\Firefox\Profiles\xpfhr89a.default-1363817886278\conduitCommon\modules\3.12.0.8\ExternalLibraryLoader.jsm
[2012.04.30 00:31:44 | 000,002,037 | ---- | M] () -- \Users\Shaim\Desktop\Control\JDownloader.lnk
[2010.10.07 04:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 04:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 04:36:40 | 000,387,408 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 04:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 11:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 11:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 11:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 11:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 11:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.04.30 00:13:50 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.04.30 00:13:50 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.04.30 00:13:50 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.04.30 00:13:50 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.04.30 00:13:50 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.06.04 11:06:56 | 000,001,623 | ---- | M] () -- \xampp\htdocs\ppp\.hg\store\data\images\ajax-loader.gif.i
[2013.06.04 11:06:56 | 000,002,685 | ---- | M] () -- \xampp\htdocs\ppp\.hg\store\data\images\ajax-loader2.gif.i
[2013.06.04 11:06:56 | 000,001,645 | ---- | M] () -- \xampp\htdocs\ppp\.hg\store\data\images\ajax__loader__small.gif.i
[2013.06.04 11:08:22 | 000,001,849 | ---- | M] () -- \xampp\htdocs\ppp\images\ajax-loader.gif
[2013.06.04 11:08:22 | 000,003,208 | ---- | M] () -- \xampp\htdocs\ppp\images\ajax-loader2.gif
[2013.06.04 11:08:22 | 000,001,849 | ---- | M] () -- \xampp\htdocs\ppp\images\ajax_loader_small.gif
[2011.02.26 20:00:42 | 000,008,192 | ---- | M] () -- \xampp\mailtodisk\_win32sysloader.pyd
[2012.04.16 17:30:19 | 000,068,096 | ---- | M] () -- \xampp\MercuryMail\loader.exe
[2012.04.25 02:18:30 | 000,015,009 | ---- | M] () -- \xampp\perl\lib\AutoLoader.pm
[2012.08.09 10:03:54 | 000,025,696 | ---- | M] () -- \xampp\perl\lib\DynaLoader.pm
[2012.04.25 02:18:32 | 000,017,377 | ---- | M] () -- \xampp\perl\lib\SelfLoader.pm
[2012.08.09 10:01:44 | 000,010,589 | ---- | M] () -- \xampp\perl\lib\XSLoader.pm
[2012.04.25 02:18:32 | 000,000,490 | ---- | M] () -- \xampp\perl\lib\Locale\Maketext\GutsLoader.pm
[2009.12.20 00:00:00 | 000,001,027 | ---- | M] () -- \xampp\perl\site\lib\Apache2\XSLoader.pm
[2009.12.20 00:00:00 | 000,001,031 | ---- | M] () -- \xampp\perl\site\lib\APR\XSLoader.pm
[2009.12.20 00:00:00 | 000,010,700 | ---- | M] () -- \xampp\perl\site\lib\ModPerl\RegistryLoader.pm
[2005.04.28 01:55:32 | 000,005,746 | ---- | M] () -- \xampp\perl\vendor\lib\Class\Loader.pm
[2001.05.02 04:01:04 | 000,000,648 | ---- | M] () -- \xampp\perl\vendor\lib\Class\LoaderTest.pm
[2012.07.13 19:57:02 | 000,024,325 | ---- | M] () -- \xampp\perl\vendor\lib\YAML\Loader.pm
[2012.04.16 17:30:19 | 000,004,896 | ---- | M] () -- \xampp\php\PEAR\Crypt\RSA\MathLoader.php
[2012.04.16 17:30:19 | 000,006,565 | ---- | M] () -- \xampp\php\PEAR\PEAR\Autoloader.php
[2012.04.16 17:30:19 | 000,066,585 | ---- | M] () -- \xampp\php\PEAR\PEAR\Downloader.php
[2011.08.05 10:19:10 | 000,005,449 | ---- | M] () -- \xampp\php\PEAR\PHPUnit\Runner\StandardTestSuiteLoader.php
[2011.08.05 10:19:10 | 000,002,817 | ---- | M] () -- \xampp\php\PEAR\PHPUnit\Runner\TestSuiteLoader.php
[2011.08.05 10:19:11 | 000,004,758 | ---- | M] () -- \xampp\php\PEAR\PHPUnit\Util\Fileloader.php
[2008.12.22 12:52:24 | 000,004,609 | ---- | M] () -- \xampp\php\PEAR\PHPUnit2\Runner\StandardTestSuiteLoader.php
[2008.12.22 12:52:24 | 000,003,186 | ---- | M] () -- \xampp\php\PEAR\PHPUnit2\Runner\TestSuiteLoader.php
[2008.12.22 12:52:24 | 000,003,767 | ---- | M] () -- \xampp\php\PEAR\PHPUnit2\Util\Fileloader.php
[2012.09.02 09:52:20 | 000,018,059 | ---- | M] () -- \xampp\tomcat\webapps\docs\class-loader-howto.html
[2012.09.02 09:52:20 | 000,014,085 | ---- | M] () -- \xampp\tomcat\webapps\docs\config\loader.html

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

#12 Příspěvek od **vyosek** » 29 črc 2013 06:43

Dobra, nebudem to tedy nejak pitvat

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
IE - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1270796135-2931976614-705505444-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
FF - prefs.js..network.proxy.ftp: "212.80.69.67"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "212.80.69.67"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "212.80.69.67"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "212.80.69.67"
FF - prefs.js..network.proxy.ssl_port: 3128
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O13 - gopher Prefix: missing
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013.07.28 11:42:54 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2013.07.28 11:42:54 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2013.07.28 14:15:14 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.28 07:31:15 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.28 14:01:19 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7f5b672ff3e9.job
[2013.07.27 20:42:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001Core.job
[2013.07.28 13:42:04 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001UA1ce7f2ed09c7ca3.job
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=-
"Google Update"=-
"Spybot-S&D Cleaning"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seagate Scheduler2 Service]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TortoiseHgOverlayIconServer]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
"SunJavaUpdateSched"=-

:files
C:\Program Files (x86)\FAP*.tmp
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

ŠtěpánkaP · #13 Příspěvek od **ŠtěpánkaP** » 29 črc 2013 16:47

Jasná věc, log je zde, moc děkuji.

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKU\S-1-5-21-1270796135-2931976614-705505444-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-1270796135-2931976614-705505444-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1270796135-2931976614-705505444-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1270796135-2931976614-705505444-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Prefs.js: "212.80.69.67" removed from network.proxy.ftp
Prefs.js: 3128 removed from network.proxy.ftp_port
Prefs.js: "212.80.69.67" removed from network.proxy.http
Prefs.js: 3128 removed from network.proxy.http_port
Prefs.js: "" removed from network.proxy.no_proxies_on
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: "212.80.69.67" removed from network.proxy.socks
Prefs.js: 3128 removed from network.proxy.socks_port
Prefs.js: "212.80.69.67" removed from network.proxy.ssl
Prefs.js: 3128 removed from network.proxy.ssl_port
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\rundll16.exe folder moved successfully.
C:\Windows\logo1_.exe folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP212.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP896A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDFA3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7DD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB5F5.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD6A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE333.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE395.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7f5b672ff3e9.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1270796135-2931976614-705505444-1001UA1ce7f2ed09c7ca3.job moved successfully.
ADS C:\ProgramData\TEMP:5C321E34 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveSync deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Spybot-S&D Cleaning deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seagate Scheduler2 Service\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TortoiseHgOverlayIconServer\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
C:\Program Files (x86)\FAP118F.tmp moved successfully.
C:\Program Files (x86)\FAP11C0.tmp moved successfully.
C:\Program Files (x86)\FAP11F1.tmp moved successfully.
C:\Program Files (x86)\FAP12A1.tmp moved successfully.
C:\Program Files (x86)\FAP12C2.tmp moved successfully.
C:\Program Files (x86)\FAP12F3.tmp moved successfully.
C:\Program Files (x86)\FAP153B.tmp moved successfully.
C:\Program Files (x86)\FAP156B.tmp moved successfully.
C:\Program Files (x86)\FAP15AC.tmp moved successfully.
C:\Program Files (x86)\FAP19A4.tmp moved successfully.
C:\Program Files (x86)\FAP19D5.tmp moved successfully.
C:\Program Files (x86)\FAP1A05.tmp moved successfully.
C:\Program Files (x86)\FAP1F27.tmp moved successfully.
C:\Program Files (x86)\FAP1F67.tmp moved successfully.
C:\Program Files (x86)\FAP1FA8.tmp moved successfully.
C:\Program Files (x86)\FAP206D.tmp moved successfully.
C:\Program Files (x86)\FAP20AE.tmp moved successfully.
C:\Program Files (x86)\FAP20DF.tmp moved successfully.
C:\Program Files (x86)\FAP2AAB.tmp moved successfully.
C:\Program Files (x86)\FAP2ACD.tmp moved successfully.
C:\Program Files (x86)\FAP2AEE.tmp moved successfully.
C:\Program Files (x86)\FAP2B.tmp moved successfully.
C:\Program Files (x86)\FAP3439.tmp moved successfully.
C:\Program Files (x86)\FAP3489.tmp moved successfully.
C:\Program Files (x86)\FAP34BA.tmp moved successfully.
C:\Program Files (x86)\FAP3966.tmp moved successfully.
C:\Program Files (x86)\FAP3987.tmp moved successfully.
C:\Program Files (x86)\FAP3999.tmp moved successfully.
C:\Program Files (x86)\FAP3CF9.tmp moved successfully.
C:\Program Files (x86)\FAP3D2A.tmp moved successfully.
C:\Program Files (x86)\FAP3DF7.tmp moved successfully.
C:\Program Files (x86)\FAP439A.tmp moved successfully.
C:\Program Files (x86)\FAP43BB.tmp moved successfully.
C:\Program Files (x86)\FAP43DD.tmp moved successfully.
C:\Program Files (x86)\FAP4885.tmp moved successfully.
C:\Program Files (x86)\FAP48B6.tmp moved successfully.
C:\Program Files (x86)\FAP48D7.tmp moved successfully.
C:\Program Files (x86)\FAP5B6.tmp moved successfully.
C:\Program Files (x86)\FAP5D08.tmp moved successfully.
C:\Program Files (x86)\FAP5D29.tmp moved successfully.
C:\Program Files (x86)\FAP5D4A.tmp moved successfully.
C:\Program Files (x86)\FAP5D8.tmp moved successfully.
C:\Program Files (x86)\FAP5F22.tmp moved successfully.
C:\Program Files (x86)\FAP5F52.tmp moved successfully.
C:\Program Files (x86)\FAP5F83.tmp moved successfully.
C:\Program Files (x86)\FAP5F9.tmp moved successfully.
C:\Program Files (x86)\FAP6149.tmp moved successfully.
C:\Program Files (x86)\FAP616A.tmp moved successfully.
C:\Program Files (x86)\FAP619B.tmp moved successfully.
C:\Program Files (x86)\FAP685.tmp moved successfully.
C:\Program Files (x86)\FAP699C.tmp moved successfully.
C:\Program Files (x86)\FAP69B.tmp moved successfully.
C:\Program Files (x86)\FAP69DC.tmp moved successfully.
C:\Program Files (x86)\FAP6A0D.tmp moved successfully.
C:\Program Files (x86)\FAP6A6.tmp moved successfully.
C:\Program Files (x86)\FAP6BC.tmp moved successfully.
C:\Program Files (x86)\FAP6C7.tmp moved successfully.
C:\Program Files (x86)\FAP6DBB.tmp moved successfully.
C:\Program Files (x86)\FAP6DD.tmp moved successfully.
C:\Program Files (x86)\FAP6DEC.tmp moved successfully.
C:\Program Files (x86)\FAP6E1C.tmp moved successfully.
C:\Program Files (x86)\FAP71E.tmp moved successfully.
C:\Program Files (x86)\FAP740.tmp moved successfully.
C:\Program Files (x86)\FAP770.tmp moved successfully.
C:\Program Files (x86)\FAP7BEB.tmp moved successfully.
C:\Program Files (x86)\FAP7C2C.tmp moved successfully.
C:\Program Files (x86)\FAP7C5C.tmp moved successfully.
C:\Program Files (x86)\FAP82C2.tmp moved successfully.
C:\Program Files (x86)\FAP8302.tmp moved successfully.
C:\Program Files (x86)\FAP8343.tmp moved successfully.
C:\Program Files (x86)\FAP885B.tmp moved successfully.
C:\Program Files (x86)\FAP889B.tmp moved successfully.
C:\Program Files (x86)\FAP88CC.tmp moved successfully.
C:\Program Files (x86)\FAP8B52.tmp moved successfully.
C:\Program Files (x86)\FAP8B93.tmp moved successfully.
C:\Program Files (x86)\FAP8BC3.tmp moved successfully.
C:\Program Files (x86)\FAP8D09.tmp moved successfully.
C:\Program Files (x86)\FAP8D3A.tmp moved successfully.
C:\Program Files (x86)\FAP8D5B.tmp moved successfully.
C:\Program Files (x86)\FAP8E3D.tmp moved successfully.
C:\Program Files (x86)\FAP8E6D.tmp moved successfully.
C:\Program Files (x86)\FAP8E8F.tmp moved successfully.
C:\Program Files (x86)\FAP90E9.tmp moved successfully.
C:\Program Files (x86)\FAP911A.tmp moved successfully.
C:\Program Files (x86)\FAP914A.tmp moved successfully.
C:\Program Files (x86)\FAP9156.tmp moved successfully.
C:\Program Files (x86)\FAP9177.tmp moved successfully.
C:\Program Files (x86)\FAP9198.tmp moved successfully.
C:\Program Files (x86)\FAP98C2.tmp moved successfully.
C:\Program Files (x86)\FAP98E3.tmp moved successfully.
C:\Program Files (x86)\FAP9923.tmp moved successfully.
C:\Program Files (x86)\FAP9C0D.tmp moved successfully.
C:\Program Files (x86)\FAP9C3E.tmp moved successfully.
C:\Program Files (x86)\FAP9C7E.tmp moved successfully.
C:\Program Files (x86)\FAP9F50.tmp moved successfully.
C:\Program Files (x86)\FAP9F81.tmp moved successfully.
C:\Program Files (x86)\FAP9FB2.tmp moved successfully.
C:\Program Files (x86)\FAPA.tmp moved successfully.
C:\Program Files (x86)\FAPA3B5.tmp moved successfully.
C:\Program Files (x86)\FAPA3D6.tmp moved successfully.
C:\Program Files (x86)\FAPA3F7.tmp moved successfully.
C:\Program Files (x86)\FAPA5B5.tmp moved successfully.
C:\Program Files (x86)\FAPA5E6.tmp moved successfully.
C:\Program Files (x86)\FAPA5F1.tmp moved successfully.
C:\Program Files (x86)\FAPA607.tmp moved successfully.
C:\Program Files (x86)\FAPA622.tmp moved successfully.
C:\Program Files (x86)\FAPA653.tmp moved successfully.
C:\Program Files (x86)\FAPA809.tmp moved successfully.
C:\Program Files (x86)\FAPA82B.tmp moved successfully.
C:\Program Files (x86)\FAPA84C.tmp moved successfully.
C:\Program Files (x86)\FAPB0D0.tmp moved successfully.
C:\Program Files (x86)\FAPB101.tmp moved successfully.
C:\Program Files (x86)\FAPB131.tmp moved successfully.
C:\Program Files (x86)\FAPB5D7.tmp moved successfully.
C:\Program Files (x86)\FAPB618.tmp moved successfully.
C:\Program Files (x86)\FAPB649.tmp moved successfully.
C:\Program Files (x86)\FAPBB9C.tmp moved successfully.
C:\Program Files (x86)\FAPBBDC.tmp moved successfully.
C:\Program Files (x86)\FAPBC0D.tmp moved successfully.
C:\Program Files (x86)\FAPBC6.tmp moved successfully.
C:\Program Files (x86)\FAPBE7.tmp moved successfully.
C:\Program Files (x86)\FAPC03F.tmp moved successfully.
C:\Program Files (x86)\FAPC080.tmp moved successfully.
C:\Program Files (x86)\FAPC09.tmp moved successfully.
C:\Program Files (x86)\FAPC0B1.tmp moved successfully.
C:\Program Files (x86)\FAPC649.tmp moved successfully.
C:\Program Files (x86)\FAPC67A.tmp moved successfully.
C:\Program Files (x86)\FAPC68C.tmp moved successfully.
C:\Program Files (x86)\FAPC920.tmp moved successfully.
C:\Program Files (x86)\FAPC951.tmp moved successfully.
C:\Program Files (x86)\FAPC960.tmp moved successfully.
C:\Program Files (x86)\FAPC981.tmp moved successfully.
C:\Program Files (x86)\FAPC982.tmp moved successfully.
C:\Program Files (x86)\FAPC9A3.tmp moved successfully.
C:\Program Files (x86)\FAPC9B7.tmp moved successfully.
C:\Program Files (x86)\FAPC9E8.tmp moved successfully.
C:\Program Files (x86)\FAPCA19.tmp moved successfully.
C:\Program Files (x86)\FAPCABF.tmp moved successfully.
C:\Program Files (x86)\FAPCAE0.tmp moved successfully.
C:\Program Files (x86)\FAPCB01.tmp moved successfully.
C:\Program Files (x86)\FAPCC52.tmp moved successfully.
C:\Program Files (x86)\FAPCC82.tmp moved successfully.
C:\Program Files (x86)\FAPCCA4.tmp moved successfully.
C:\Program Files (x86)\FAPCDA4.tmp moved successfully.
C:\Program Files (x86)\FAPCDD5.tmp moved successfully.
C:\Program Files (x86)\FAPCDF6.tmp moved successfully.
C:\Program Files (x86)\FAPD0B5.tmp moved successfully.
C:\Program Files (x86)\FAPD0D6.tmp moved successfully.
C:\Program Files (x86)\FAPD0F7.tmp moved successfully.
C:\Program Files (x86)\FAPD178.tmp moved successfully.
C:\Program Files (x86)\FAPD1A9.tmp moved successfully.
C:\Program Files (x86)\FAPD1DA.tmp moved successfully.
C:\Program Files (x86)\FAPD270.tmp moved successfully.
C:\Program Files (x86)\FAPD2B0.tmp moved successfully.
C:\Program Files (x86)\FAPD2E1.tmp moved successfully.
C:\Program Files (x86)\FAPD5A9.tmp moved successfully.
C:\Program Files (x86)\FAPD5CA.tmp moved successfully.
C:\Program Files (x86)\FAPD5EC.tmp moved successfully.
C:\Program Files (x86)\FAPD7DC.tmp moved successfully.
C:\Program Files (x86)\FAPD7FD.tmp moved successfully.
C:\Program Files (x86)\FAPD80F.tmp moved successfully.
C:\Program Files (x86)\FAPD8F6.tmp moved successfully.
C:\Program Files (x86)\FAPD946.tmp moved successfully.
C:\Program Files (x86)\FAPD977.tmp moved successfully.
C:\Program Files (x86)\FAPDD7E.tmp moved successfully.
C:\Program Files (x86)\FAPDD9F.tmp moved successfully.
C:\Program Files (x86)\FAPDDC1.tmp moved successfully.
C:\Program Files (x86)\FAPE334.tmp moved successfully.
C:\Program Files (x86)\FAPE355.tmp moved successfully.
C:\Program Files (x86)\FAPE386.tmp moved successfully.
C:\Program Files (x86)\FAPE858.tmp moved successfully.
C:\Program Files (x86)\FAPE87A.tmp moved successfully.
C:\Program Files (x86)\FAPE89B.tmp moved successfully.
C:\Program Files (x86)\FAPE9D1.tmp moved successfully.
C:\Program Files (x86)\FAPE9F2.tmp moved successfully.
C:\Program Files (x86)\FAPEA23.tmp moved successfully.
C:\Program Files (x86)\FAPEE2E.tmp moved successfully.
C:\Program Files (x86)\FAPEE50.tmp moved successfully.
C:\Program Files (x86)\FAPEE90.tmp moved successfully.
C:\Program Files (x86)\FAPF90E.tmp moved successfully.
C:\Program Files (x86)\FAPF93F.tmp moved successfully.
C:\Program Files (x86)\FAPF960.tmp moved successfully.
C:\Program Files (x86)\FAPFA9E.tmp moved successfully.
C:\Program Files (x86)\FAPFABF.tmp moved successfully.
C:\Program Files (x86)\FAPFAE0.tmp moved successfully.
C:\Program Files (x86)\FAPFB7B.tmp moved successfully.
C:\Program Files (x86)\FAPFB9C.tmp moved successfully.
C:\Program Files (x86)\FAPFBBD.tmp moved successfully.
C:\Program Files (x86)\FAPFFE9.tmp moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: DefaultAppPool
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Guest
->Temp folder emptied: 1822 bytes
->Temporary Internet Files folder emptied: 15357107 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1530 bytes

User: hedev
->Temp folder emptied: 43164427 bytes

User: HomeGroupUser$

User: Public

User: Shaim
->Temp folder emptied: 1157221976 bytes
->Temporary Internet Files folder emptied: 82443 bytes
->Java cache emptied: 1845513 bytes
->FireFox cache emptied: 411232798 bytes
->Google Chrome cache emptied: 11941753 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 3902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 81873 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 1282462696 bytes

Total Files Cleaned = 2 788,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: DefaultAppPool
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: hedev

User: HomeGroupUser$

User: Public

User: Shaim
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: Administrator

User: All Users

User: Default

User: Default User

User: DefaultAppPool

User: Guest
->Java cache emptied: 0 bytes

User: hedev

User: HomeGroupUser$

User: Public

User: Shaim
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 07292013_173906

Files\Folders moved on Reboot...
C:\Users\Shaim\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#14 Příspěvek od **vyosek** » 30 črc 2013 21:47

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

ŠtěpánkaP · #15 Příspěvek od **ŠtěpánkaP** » 31 črc 2013 02:32

super, všechno je OK! Jsem Vaším dlužníkem!

VIRY.CZ

Zpomalení PC

Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC

Re: Zpomalení PC