Zpomalený internet - dříve v pořádku

[Affondatore]

Dobrý den,
poslední dobou mám problém s internetem, dělá si, co chce. Občas nenačítá video vůbec ani na 240p, jindy v pohodě na 720p, ve hrách hrozně skáče ping, při brouzdání na internetu se 1x za 10 minut nechce načíst žádná stránka (v tu chvíli mám i problém s pingem ve hře). Dříve to nedělalo, mám podezření na vir.

Log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Patrik at 2013-08-13 15:55:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 31 GB (11%) free of 292 GB
Total RAM: 3959 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:56:07, on 13.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\Patrik\Desktop\AT cata\4.3.4 WoW.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Patrik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=44444& ... 0F6E0D56E9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v47n22614
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Blog This in Windows Live - {2adefb8e-b923-35e6-86e2-2b7841f5d6a4} - mscoree.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - http://content.systemrequirementslab.co ... 4.26.0.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12586 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3076
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\Saitek\SD6\Software\ProfilerU.exe"
"C:\Program Files\Saitek\SD6\Software\SaiMfd.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\wuauclt.exe"
"taskhost.exe"
"C:\Users\Patrik\Desktop\AT cata\4.3.4 WoW.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3920.0.863970940\15524794" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.741.1.5000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_85/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3920.6.1348102114\1739113817" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_85/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3920.13.1792132259\1916472705" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe40_ Global\UsGthrCtrlFltPipeMssGthrPipe40 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"C:\Users\Patrik\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2011-04-08 309096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2adefb8e-b923-35e6-86e2-2b7841f5d6a4}]
Blog This in Windows Live - C:\Windows\system32\mscoree.dll [2010-11-05 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-05-29 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2011-04-08 251928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-05-29 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2011-04-08 309096]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2011-04-08 251928]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-06-11 861216]
"ProfilerU"=C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [2010-07-29 310272]
"SaiMfd"=C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [2010-07-29 158208]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 12921488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-07-27 1807272]
"BitTorrent"=C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-07-19 336992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-06-29 265984]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-06-22 968272]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-25 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{DAE0285D-0788-4E87-985E-01DF2EDE4ACD}"=C:\Windows\SysWow64\Wshxt.dll [2013-01-14 53248]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-08-13 15:55:58 ----D---- C:\Program Files\trend micro
2013-08-13 15:55:57 ----D---- C:\rsit
2013-08-12 16:10:55 ----D---- C:\com.sega.CrazyTaxi
2013-08-11 17:29:23 ----D---- C:\com.disney.monstersincrun_goo
2013-08-04 12:19:29 ----D---- C:\Users\Patrik\AppData\Roaming\IsolatedStorage
2013-08-04 12:19:29 ----D---- C:\ProgramData\IsolatedStorage
2013-08-04 12:18:41 ----D---- C:\Program Files\FileViewPro
2013-08-04 12:17:52 ----D---- C:\Users\Patrik\AppData\Roaming\Solvusoft
2013-08-04 12:15:41 ----D---- C:\Spacekace
2013-08-02 19:30:15 ----D---- C:\Program Files (x86)\Bethesda Softworks
2013-08-01 07:41:55 ----D---- C:\Program Files (x86)\NirSoft
2013-07-31 16:36:13 ----D---- C:\Program Files (x86)\GameSpy Arcade
2013-07-31 16:34:55 ----D---- C:\Program Files (x86)\Crave
2013-07-30 18:54:24 ----D---- C:\Program Files (x86)\MetaGeek
2013-07-28 14:23:21 ----D---- C:\Program Files (x86)\Steam

======List of files/folders modified in the last 1 month======

2013-08-13 15:56:07 ----D---- C:\Windows\Prefetch
2013-08-13 15:56:05 ----HD---- C:\Windows\Temp
2013-08-13 15:55:58 ----RD---- C:\Program Files
2013-08-13 15:40:28 ----D---- C:\Windows\tracing
2013-08-13 09:00:22 ----D---- C:\Windows\system32\config
2013-08-12 15:40:12 ----A---- C:\Users\Patrik\AppData\Roaming\burnaware.ini
2013-08-12 15:27:33 ----A---- C:\Windows\SYSWOW64\log.txt
2013-08-11 17:33:32 ----D---- C:\Windows\System32
2013-08-11 17:33:32 ----D---- C:\Windows\inf
2013-08-11 17:33:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-11 12:29:14 ----SHD---- C:\System Volume Information
2013-08-08 20:38:03 ----D---- C:\Users\Patrik\AppData\Roaming\vlc
2013-08-04 12:19:29 ----D---- C:\ProgramData
2013-08-04 12:19:20 ----D---- C:\Windows\Tasks
2013-08-04 12:19:20 ----D---- C:\Windows\system32\Tasks
2013-08-04 12:19:19 ----RD---- C:\Program Files (x86)
2013-08-03 00:00:14 ----D---- C:\Users\Patrik\AppData\Roaming\uTorrent
2013-08-02 23:39:38 ----D---- C:\Users\Patrik\AppData\Roaming\Adobe
2013-07-31 23:09:25 ----D---- C:\ProgramData\Steam
2013-07-31 17:44:27 ----D---- C:\Program Files (x86)\BitTorrent
2013-07-31 16:35:51 ----D---- C:\Windows\SysWOW64
2013-07-31 16:34:55 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-07-31 16:32:27 ----D---- C:\Windows\system32\catroot2
2013-07-30 19:51:05 ----D---- C:\Windows\system32\NDF
2013-07-30 18:54:25 ----SHD---- C:\Windows\Installer
2013-07-30 18:54:25 ----D---- C:\Config.Msi
2013-07-30 17:52:45 ----RSD---- C:\Windows\assembly
2013-07-30 15:39:41 ----AD---- C:\Windows
2013-07-30 15:38:02 ----D---- C:\Users\Patrik\AppData\Roaming\SoftGrid Client
2013-07-30 15:29:48 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-30 15:29:42 ----D---- C:\Windows\system32\drivers
2013-07-30 14:20:46 ----D---- C:\Windows\Logs
2013-07-30 14:15:56 ----D---- C:\Users\Patrik\AppData\Roaming\DAEMON Tools Lite
2013-07-28 14:16:01 ----D---- C:\Program Files (x86)\TeamViewer
2013-07-28 14:15:38 ----D---- C:\ProgramData\Skype
2013-07-28 14:15:38 ----D---- C:\Program Files (x86)\Common Files
2013-07-28 14:15:34 ----D---- C:\Users\Patrik\AppData\Roaming\Skype
2013-07-28 14:14:57 ----D---- C:\Users\Patrik\AppData\Roaming\Seznam.cz
2013-07-28 14:14:50 ----D---- C:\Program Files (x86)\Seznam.cz
2013-07-28 14:13:55 ----D---- C:\Program Files (x86)\QuickTime
2013-07-28 14:13:18 ----D---- C:\Program Files (x86)\Opera
2013-07-28 14:12:37 ----D---- C:\Users\Patrik\AppData\Roaming\Opera
2013-07-25 08:08:21 ----D---- C:\Users\Patrik\AppData\Roaming\dvdcss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 189936]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-09-13 560184]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-07-19 126944]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-07-22 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-07-22 43680]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2000-01-01 6856192]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2000-01-01 264192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-11 2229608]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2000-01-01 116240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 4083600]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 SaiK0CC3;SaiK0CC3; C:\Windows\system32\DRIVERS\SaiK0CC3.sys [2010-08-10 171016]
R3 SaiU0CC3;SaiU0CC3; C:\Windows\system32\DRIVERS\SaiU0CC3.sys [2010-08-10 41096]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2011-07-07 38424]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2011-12-11 21712]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2007-08-09 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; C:\Windows\system32\DRIVERS\massfilter_hs.sys [2011-07-07 18456]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
S3 S6000KNT;S6000KNT_WebCam Driver; C:\Windows\System32\Drivers\S6000KNT.sys [2009-12-15 183040]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-05-15 16152]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2000-01-01 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-03-28 76888]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-27 563624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-21 135664]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-13 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-21 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-22 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-29 255744]

-----------------EOF-----------------

[Rudy]

Zdravím!
Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

[Affondatore]

Děkuji, nicméně mi ComboFix nejde, hází mi Win32 chybu :-/

[Rudy]

Zkuste v nouz. režimu, příp CF přejmenujte třeba na neco.com a zkuste spustit.

[Affondatore]

Tak restartování ani přejmenování nepomohlo, stále píše chybu: ComboFix.exe není platná aplikace typu Win32.

[Rudy]

OK. Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<.

[Affondatore]

OTL logfile created on: 8/13/2013 7:16:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.87 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 51.98% Memory free
7.73 Gb Paging File | 5.43 Gb Available in Paging File | 70.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.99 Gb Total Space | 30.68 Gb Free Space | 10.77% Space Free | Partition Type: NTFS

Computer Name: PATRIK-PC | User Name: Patrik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/13 19:15:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrik\Downloads\OTL.exe
PRC - [2013/07/25 02:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/28 14:55:49 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/04/21 08:49:36 | 010,474,064 | ---- | M] (Blizzard Entertainment) -- C:\Users\Patrik\Desktop\AT cata\4.3.4 WoW.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/06/22 08:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/06/22 08:34:48 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/06/22 08:34:46 | 000,968,272 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/01/29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/25 02:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/25 02:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/25 02:48:54 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/25 02:48:53 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/25 02:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/05/20 08:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/06/11 23:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2000/01/01 02:00:00 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/07/27 00:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/06/12 07:19:41 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/28 14:55:49 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/07/13 13:59:30 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/06/22 08:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/28 07:58:22 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/06/28 07:58:22 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/06/28 07:58:22 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/05/15 18:10:35 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2013/05/09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/05/09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/05/09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/05/09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/05/09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/09/13 20:11:02 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/07/19 11:38:50 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/13 09:53:44 | 000,129,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zghsmdm.sys -- (zghsmdm)
DRV:64bit: - [2011/09/13 09:53:40 | 000,129,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zghsdiag.sys -- (zghsdiag)
DRV:64bit: - [2011/07/22 22:45:31 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/07/22 22:45:30 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/07/07 16:13:40 | 000,018,456 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV:64bit: - [2011/07/07 16:10:12 | 000,038,424 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/10 10:38:40 | 000,171,016 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0CC3.sys -- (SaiK0CC3)
DRV:64bit: - [2010/08/10 10:38:40 | 000,041,096 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiU0CC3.sys -- (SaiU0CC3)
DRV:64bit: - [2010/07/09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/06/17 11:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/05/11 12:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010/04/13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/12/15 10:27:50 | 000,183,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\S6000KNT.sys -- (S6000KNT)
DRV:64bit: - [2009/12/10 13:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/10/12 15:23:22 | 000,114,304 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009/09/17 07:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/09/10 15:31:56 | 000,117,248 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007/08/09 04:10:54 | 000,029,696 | R--- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewdcsc.sys -- (Huawei)
DRV:64bit: - [2000/01/01 02:00:00 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2000/01/01 02:00:00 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2000/01/01 02:00:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV - [2011/12/11 22:40:22 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v47n22614
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v47n22614
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=44444& ... 0F6E0D56E9
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchT ... 0F6E0D56E9
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\..\SearchScopes\{D01D03FD-7D59-4892-BDDE-B958890A185D}: "URL" = http://websearch.ask.com/redirect?clien ... D6E615C363
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Patrik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/07/24 09:32:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/29 17:04:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/29 16:03:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ocr@babylon.com: C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\hotfix@mozilla.org: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2013/07/03 11:32:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/29 17:04:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\hotfix@mozilla.org: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2013/07/03 11:32:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/12/25 17:05:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Extensions
[2013/07/03 11:32:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions
[2012/09/29 16:53:13 | 000,000,000 | ---D | M] (BitTorrentControl_v12) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
[2013/07/03 11:32:45 | 000,000,000 | ---D | M] (Mozilla hotfix) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\MozillaHotfix
[2013/07/28 14:17:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2013/07/28 14:17:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\rafuc4p4.default\extensions
[2013/06/18 21:14:38 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\rafuc4p4.default\extensions\ffxtlbr@delta.com
[2012/12/17 20:36:20 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\torntv@torntv.com.xpi
[2013/06/18 21:14:09 | 000,006,543 | ---- | M] () -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\rafuc4p4.default\searchplugins\babylon.xml
[2013/06/18 21:14:40 | 000,001,294 | ---- | M] () -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\rafuc4p4.default\searchplugins\delta.xml
[2013/06/18 21:14:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions

========== Chrome ==========

CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = http://www1.delta-search.com/?q={search ... 0F6E0D56E9
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.delta-search.com/?affID=4444 ... 0F6E0D56E9
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Patrik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: SiteAdvisor = C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\
CHR - Extension: SiteAdvisor = C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\

O1 HOSTS File: ([2013/06/05 11:59:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-977518187-2707889140-4114514332-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} http://content.systemrequirementslab.co ... 4.26.0.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.co ... 4.26.0.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F297623A-E714-4D17-A195-9F50942BF8CD}: DhcpNameServer = 192.168.1.20
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {DAE0285D-0788-4E87-985E-01DF2EDE4ACD} - C:\Windows\SysWOW64\wshxt.dll ()
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - frapsvid.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013/08/13 15:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/08/13 15:55:57 | 000,000,000 | ---D | C] -- C:\rsit
[2013/08/12 16:10:55 | 000,000,000 | ---D | C] -- C:\com.sega.CrazyTaxi
[2013/08/11 17:29:23 | 000,000,000 | ---D | C] -- C:\com.disney.monstersincrun_goo
[2013/08/04 12:19:34 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Local\FileViewPro
[2013/08/04 12:19:29 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Roaming\IsolatedStorage
[2013/08/04 12:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2013/08/04 12:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
[2013/08/04 12:18:41 | 000,000,000 | ---D | C] -- C:\Program Files\FileViewPro
[2013/08/04 12:17:52 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Roaming\Solvusoft
[2013/08/04 12:15:41 | 000,000,000 | ---D | C] -- C:\Spacekace
[2013/08/03 00:10:18 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Desktop\F
[2013/08/02 20:40:26 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Documents\My Games
[2013/08/02 20:40:26 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Local\FalloutNV
[2013/08/02 19:30:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2013/08/01 16:46:21 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Desktop\AT cata
[2013/08/01 07:41:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[2013/07/31 23:09:25 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Documents\Klei
[2013/07/31 17:41:49 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
[2013/07/31 16:36:16 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
[2013/07/31 16:36:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
[2013/07/31 16:36:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameSpy Arcade
[2013/07/31 16:35:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crave
[2013/07/31 16:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crave
[2013/07/31 16:24:17 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/07/30 18:54:58 | 000,000,000 | -HSD | C] -- C:\Users\Patrik\AppData\Local\ms-drivers
[2013/07/30 18:54:55 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Local\MetaGeek,_LLC
[2013/07/30 18:54:55 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Local\IsolatedStorage
[2013/07/30 18:54:24 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek
[2013/07/30 18:54:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MetaGeek
[2013/07/30 17:54:05 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Documents\ArmA 2 OA Demo
[2013/07/30 17:54:04 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Local\ArmA 2 OA DEMO
[2013/07/28 14:23:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/10/08 21:11:12 | 006,312,677 | ---- | C] (VIO ) -- C:\Users\Patrik\AppData\Roaming\vio_clean.exe
[2012/10/08 21:11:10 | 000,419,554 | ---- | C] (SearchAmong ) -- C:\Users\Patrik\AppData\Roaming\satoolbar.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/13 19:19:05 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/13 19:18:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/08/13 18:30:24 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/13 18:30:24 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/13 18:26:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/13 18:22:32 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/13 18:21:54 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/08/13 18:21:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/13 17:44:42 | 000,000,000 | ---- | M] () -- C:\Users\Patrik\Desktop\ComboFix.com.exe
[2013/08/13 17:34:11 | 000,033,520 | ---- | M] () -- C:\Users\Patrik\Documents\cc_20130813_173407.reg
[2013/08/12 15:40:12 | 000,000,450 | ---- | M] () -- C:\Users\Patrik\AppData\Roaming\burnaware.ini
[2013/08/11 17:33:32 | 001,618,558 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/11 17:33:32 | 000,679,758 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/08/11 17:33:32 | 000,665,738 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/11 17:33:32 | 000,147,542 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/08/11 17:33:32 | 000,127,472 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/04 12:19:01 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\FileViewPro.lnk
[2013/08/02 11:44:45 | 020,938,690 | ---- | M] () -- C:\Monsters, Inc. Run v1.0.1 apkmania.com.apk
[2013/07/31 17:41:51 | 000,000,939 | ---- | M] () -- C:\Users\Patrik\Desktop\µTorrent.lnk
[2013/07/31 16:35:46 | 000,001,274 | ---- | M] () -- C:\Windows\eReg.dat
[2013/07/31 16:35:43 | 000,002,083 | ---- | M] () -- C:\Users\Public\Desktop\Global Operations.lnk
[2013/07/30 18:54:58 | 000,000,037 | -HS- | M] () -- C:\Users\Patrik\AppData\Local\70149b02515b3bb20dd492.47983420
[2013/07/30 18:54:25 | 000,002,935 | ---- | M] () -- C:\Users\Patrik\Desktop\inSSIDer 3.lnk
[2013/07/30 15:29:47 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/28 14:18:33 | 000,092,712 | ---- | M] () -- C:\Users\Patrik\Documents\cc_20130728_141827.reg
[2013/07/18 00:38:40 | 1530,957,824 | ---- | M] () -- C:\Users\Patrik\Desktop\Fast.and.Furious.6.2013.WEBRip.XviD.AC3+tit.avi
[2013/07/15 05:26:26 | 002,349,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/13 19:18:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/08/13 17:44:55 | 000,000,000 | ---- | C] () -- C:\Users\Patrik\Desktop\ComboFix.com.exe
[2013/08/13 17:34:09 | 000,033,520 | ---- | C] () -- C:\Users\Patrik\Documents\cc_20130813_173407.reg
[2013/08/12 21:17:43 | 038,780,275 | ---- | C] () -- C:\Fire_Busters.apk
[2013/08/11 17:29:24 | 020,938,690 | ---- | C] () -- C:\Monsters, Inc. Run v1.0.1 apkmania.com.apk
[2013/08/11 17:29:14 | 039,200,290 | ---- | C] () -- C:\Toy Story Smash It! v1.00 apkmania.com.apk
[2013/08/07 19:00:04 | 1530,957,824 | ---- | C] () -- C:\Users\Patrik\Desktop\Fast.and.Furious.6.2013.WEBRip.XviD.AC3+tit.avi
[2013/08/04 12:19:01 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\FileViewPro.lnk
[2013/07/31 17:41:51 | 000,000,939 | ---- | C] () -- C:\Users\Patrik\Desktop\µTorrent.lnk
[2013/07/31 16:35:43 | 000,002,083 | ---- | C] () -- C:\Users\Public\Desktop\Global Operations.lnk
[2013/07/30 18:54:58 | 000,000,037 | -HS- | C] () -- C:\Users\Patrik\AppData\Local\70149b02515b3bb20dd492.47983420
[2013/07/30 18:54:25 | 000,002,935 | ---- | C] () -- C:\Users\Patrik\Desktop\inSSIDer 3.lnk
[2013/07/30 15:29:47 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/28 14:18:30 | 000,092,712 | ---- | C] () -- C:\Users\Patrik\Documents\cc_20130728_141827.reg
[2013/06/05 09:45:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/06/05 09:45:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/06/05 09:45:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/06/05 09:45:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/06/05 09:45:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/05/09 17:45:48 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/05/07 12:26:36 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/04/28 13:08:32 | 000,007,602 | ---- | C] () -- C:\Users\Patrik\AppData\Local\Resmon.ResmonCfg
[2013/04/20 08:57:10 | 000,000,227 | ---- | C] () -- C:\Windows\PowerReg.dat
[2013/03/27 20:33:09 | 000,281,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/03/27 20:33:02 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/03/24 11:59:26 | 000,000,026 | ---- | C] () -- C:\Windows\savegame.ini
[2013/03/24 11:47:20 | 000,000,155 | ---- | C] () -- C:\Windows\SIERRA.INI
[2013/01/14 14:23:56 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\wshxt.dll
[2013/01/14 14:23:56 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\wmsprog.dll
[2013/01/14 14:23:55 | 000,124,928 | ---- | C] () -- C:\Windows\SysWow64\kernell.dll
[2013/01/14 12:49:07 | 000,015,360 | ---- | C] () -- C:\Windows\Launcher.exe
[2013/01/06 13:37:53 | 000,000,000 | ---- | C] () -- C:\ProgramData\CLDShowX.ini
[2013/01/05 17:33:58 | 000,000,621 | ---- | C] () -- C:\Users\Patrik\Last session Patrik.prj
[2012/12/02 14:56:54 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012/09/25 09:11:57 | 000,000,375 | ---- | C] () -- C:\Users\Patrik\Domácí skupina – zástupce.lnk
[2012/07/14 18:41:23 | 000,003,584 | ---- | C] () -- C:\Users\Patrik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/07 18:35:47 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012/06/02 16:06:34 | 000,584,584 | ---- | C] () -- C:\Windows\adb.exe
[2012/05/25 14:14:54 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/05/25 14:14:54 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/05/25 14:14:54 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/05/19 10:00:19 | 000,000,021 | ---- | C] () -- C:\Windows\clofghls.dll
[2012/05/13 12:37:40 | 000,000,052 | ---- | C] () -- C:\Windows\mafosav.INI
[2012/05/09 21:03:39 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2012/03/05 09:23:15 | 000,180,024 | ---- | C] () -- C:\Windows\hpoins28.dat.temp
[2012/03/05 09:23:15 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl28.dat.temp
[2012/02/28 08:16:04 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012/02/10 20:28:10 | 000,000,056 | ---- | C] () -- C:\Windows\wincheater.ini
[2012/01/28 13:49:32 | 000,002,137 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012/01/13 21:20:20 | 000,000,000 | ---- | C] () -- C:\Users\Patrik\AppData\Local\{D4F8497E-B840-41D1-9FA3-B2773A9B1084}
[2011/11/10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/11/10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/11/09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/11/09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/24 11:19:15 | 000,001,274 | ---- | C] () -- C:\Windows\eReg.dat
[2011/09/29 17:01:29 | 000,180,024 | ---- | C] () -- C:\Windows\hpoins28.dat
[2011/09/29 17:01:29 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2011/09/27 20:02:10 | 000,000,450 | ---- | C] () -- C:\Users\Patrik\AppData\Roaming\burnaware.ini
[2011/09/16 16:43:40 | 000,000,399 | ---- | C] () -- C:\Users\Patrik\system.cfg
[2011/09/15 00:12:42 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011/09/13 17:32:39 | 000,000,849 | ---- | C] () -- C:\Users\Patrik\.recently-used.xbel
[2011/09/10 11:02:55 | 000,000,094 | ---- | C] () -- C:\Users\Patrik\AppData\Local\fusioncache.dat
[2011/09/10 11:01:45 | 001,597,780 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2002/08/29 17:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Patrik\AppData\Roaming\MafiaSetup.exe

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/27 21:36:11 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\4Media
[2013/05/29 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Atari
[2012/01/15 11:25:14 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Audacity
[2013/03/28 09:51:28 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Bella Sara
[2011/08/28 21:40:14 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Bioshock
[2013/06/02 16:35:17 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Bitcoin
[2012/04/27 20:07:06 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\BSplayer Pro
[2012/08/28 20:13:11 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Canneverbe Limited
[2011/07/24 16:02:42 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Capcom
[2012/06/10 15:12:22 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Clock Work
[2012/01/08 11:05:37 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/09/24 14:20:22 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\ConMet
[2013/08/13 17:31:32 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\DAEMON Tools Lite
[2011/08/28 02:08:41 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Day 1 Studios
[2013/06/18 21:14:27 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Delta
[2012/12/22 12:11:22 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Digital_Paper_Products,_I
[2012/06/10 15:10:10 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\GameRanger
[2011/08/25 19:07:19 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\GetRightToGo
[2013/06/23 20:37:02 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\GHISLER
[2011/09/13 17:34:48 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\gtk-2.0
[2013/04/08 19:44:03 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\ICQ
[2013/08/04 12:19:29 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\IsolatedStorage
[2011/09/15 21:24:09 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Leadertech
[2011/09/12 18:03:39 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\LG Electronics
[2012/09/24 07:54:47 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Liteon
[2012/06/29 08:31:23 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\LolClient
[2012/06/05 09:35:57 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\LolClient2
[2013/07/03 11:32:41 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\MCommon
[2012/04/06 14:14:29 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Mumble
[2013/02/21 13:20:47 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\My Battle for Middle-earth Files
[2011/09/17 20:27:11 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Need for Speed World
[2013/07/28 14:12:37 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Opera
[2012/04/25 21:15:36 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Passware
[2013/07/04 20:06:40 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PerformerSoft
[2013/02/27 13:58:00 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PhotoFiltre
[2012/07/26 19:42:51 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PhotoFiltre 7
[2011/07/24 15:47:31 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PlayFirst
[2012/08/12 10:24:07 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PowerISO
[2011/12/18 03:38:29 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PunkBuster
[2011/09/14 23:01:05 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\runic games
[2013/07/28 14:14:57 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Seznam.cz
[2013/07/30 15:38:02 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\SoftGrid Client
[2013/08/04 12:19:17 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Solvusoft
[2012/12/27 20:21:07 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Stereoscopic Player
[2012/04/16 21:37:33 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\TeamViewer
[2011/10/23 18:25:53 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\TP
[2012/07/12 15:36:13 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\TuneUp Software
[2012/03/04 13:17:33 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\twinstar_launcher
[2011/12/18 14:16:47 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Ubisoft
[2013/03/28 10:22:37 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Unity
[2013/08/03 00:00:14 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\uTorrent
[2013/01/02 12:53:57 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Wargaming.net
[2013/07/03 11:32:43 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\WinLive

========== Purity Check ==========

[Affondatore]

========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,528 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/09/28 09:14:49 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/07/06 07:16:36 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/07/06 07:16:37 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20130507T101621009932\gencdrom\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/02/04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/02/04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/02/04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/02/04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011/09/29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2012/03/30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011/04/25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012/03/30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/09/29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\erdnt\cache64\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\SysNative\drivers\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[25 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\03362803671dde45fc50c92286a4c1ba\*.tmp files -> C:\Windows\SoftwareDistribution\Download\03362803671dde45fc50c92286a4c1ba\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\096facee7f5bc28363659f05a8251d03\*.tmp files -> C:\Windows\SoftwareDistribution\Download\096facee7f5bc28363659f05a8251d03\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0dc91df9c70bbe03d0d2fc976e91799f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0dc91df9c70bbe03d0d2fc976e91799f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1d2008ca9512b887672ea1041916dd61\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1d2008ca9512b887672ea1041916dd61\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\27f18a17b9aa0306baa879c4704300aa\*.tmp files -> C:\Windows\SoftwareDistribution\Download\27f18a17b9aa0306baa879c4704300aa\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2ee2700248091ae70a9add61528396c7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2ee2700248091ae70a9add61528396c7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3b39850e56b0a434ba287630100912c8\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3b39850e56b0a434ba287630100912c8\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\51c85ac29d5df26aba81bdcbe4c0eede\*.tmp files -> C:\Windows\SoftwareDistribution\Download\51c85ac29d5df26aba81bdcbe4c0eede\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\55f75f185ccfa484dbb705fc93df5260\*.tmp files -> C:\Windows\SoftwareDistribution\Download\55f75f185ccfa484dbb705fc93df5260\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6d7e7761a3455b2f6ea15bec207cd6d3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6d7e7761a3455b2f6ea15bec207cd6d3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\761b05a8309900878ba5b5be04044e86\*.tmp files -> C:\Windows\SoftwareDistribution\Download\761b05a8309900878ba5b5be04044e86\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7a98c880537cf99452ff75acf39bba3f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7a98c880537cf99452ff75acf39bba3f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\809dc843cdf732defc0195c260c6f571\*.tmp files -> C:\Windows\SoftwareDistribution\Download\809dc843cdf732defc0195c260c6f571\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8203120214560b3c41749aa863ff3299\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8203120214560b3c41749aa863ff3299\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\82a6826784888049454ed062b0ec8084\*.tmp files -> C:\Windows\SoftwareDistribution\Download\82a6826784888049454ed062b0ec8084\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\93d61bf5880947a37cabfac4264997f3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\93d61bf5880947a37cabfac4264997f3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a46282f3f631d7d42cb8d22384887cb5\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a46282f3f631d7d42cb8d22384887cb5\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ba7b83ad04feed255d519872edcc4701\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ba7b83ad04feed255d519872edcc4701\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c6f0f2de850502132a245b023b1f92f3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c6f0f2de850502132a245b023b1f92f3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\edc26da44905a06f22d4329f5f07335c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\edc26da44905a06f22d4329f5f07335c\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/12/27 21:36:11 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\4Media
[2013/08/02 23:39:38 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Adobe
[2012/10/11 20:24:13 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Apple Computer
[2013/05/29 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Atari
[2011/07/20 21:00:53 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\ATI
[2012/01/15 11:25:14 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Audacity
[2013/03/28 09:51:28 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Bella Sara
[2011/08/28 21:40:14 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Bioshock
[2013/06/02 16:35:17 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Bitcoin
[2012/04/27 20:07:06 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\BSplayer Pro
[2012/08/28 20:13:11 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Canneverbe Limited
[2011/07/24 16:02:42 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Capcom
[2012/06/10 15:12:22 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Clock Work
[2012/01/08 11:05:37 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/09/24 14:20:22 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\ConMet
[2011/08/13 10:15:40 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\CyberLink
[2013/08/13 17:31:32 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\DAEMON Tools Lite
[2011/08/28 02:08:41 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Day 1 Studios
[2013/06/18 21:14:27 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Delta
[2012/12/22 12:11:22 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Digital_Paper_Products,_I
[2013/07/25 08:08:21 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\dvdcss
[2012/06/10 15:10:10 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\GameRanger
[2011/08/25 19:07:19 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\GetRightToGo
[2013/06/23 20:37:02 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\GHISLER
[2011/07/21 20:43:19 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Google
[2011/09/13 17:34:48 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\gtk-2.0
[2011/09/29 17:09:53 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\HP
[2013/04/08 19:44:03 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\ICQ
[2011/07/20 19:51:57 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Identities
[2011/07/20 19:52:42 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Intel Corporation
[2013/08/04 12:19:29 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\IsolatedStorage
[2011/09/15 21:24:09 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Leadertech
[2011/09/12 18:03:39 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\LG Electronics
[2012/09/24 07:54:47 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Liteon
[2012/06/29 08:31:23 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\LolClient
[2012/06/05 09:35:57 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\LolClient2
[2011/07/20 19:52:24 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Macromedia
[2013/06/04 16:55:19 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Malwarebytes
[2013/07/03 11:32:41 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\MCommon
[2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Media Center Programs
[2013/06/03 10:28:00 | 000,000,000 | --SD | M] -- C:\Users\Patrik\AppData\Roaming\Microsoft
[2013/04/23 14:52:40 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Microsoft Games
[2012/12/25 17:05:31 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Mozilla
[2012/04/06 14:14:29 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Mumble
[2013/02/21 13:20:47 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\My Battle for Middle-earth Files
[2011/09/17 20:27:11 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Need for Speed World
[2013/07/28 14:12:37 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Opera
[2012/04/25 21:15:36 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Passware
[2013/07/04 20:06:40 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PerformerSoft
[2013/02/27 13:58:00 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PhotoFiltre
[2012/07/26 19:42:51 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PhotoFiltre 7
[2011/07/24 15:47:31 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PlayFirst
[2012/08/12 10:24:07 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PowerISO
[2011/12/18 03:38:29 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PunkBuster
[2011/09/14 23:01:05 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\runic games
[2011/07/25 23:32:25 | 000,000,000 | RH-D | M] -- C:\Users\Patrik\AppData\Roaming\SecuROM
[2013/07/28 14:14:57 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Seznam.cz
[2013/07/28 14:15:34 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Skype
[2013/07/30 15:38:02 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\SoftGrid Client
[2013/08/04 12:19:17 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Solvusoft
[2012/12/27 20:21:07 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Stereoscopic Player
[2012/04/16 21:37:33 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\TeamViewer
[2011/12/11 22:44:20 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\THQ
[2011/10/23 18:25:53 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\TP
[2012/07/12 15:36:13 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\TuneUp Software
[2012/03/04 13:17:33 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\twinstar_launcher
[2011/12/18 14:16:47 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Ubisoft
[2013/03/28 10:22:37 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Unity
[2013/08/03 00:00:14 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\uTorrent
[2013/08/08 20:38:03 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\vlc
[2013/01/02 12:53:57 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Wargaming.net
[2013/07/03 11:32:43 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\WinLive
[2011/07/21 23:39:08 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2002/08/29 17:33:56 | 000,319,488 | R--- | M] () -- C:\Users\Patrik\AppData\Roaming\MafiaSetup.exe
[2012/10/08 21:11:11 | 000,419,554 | ---- | M] (SearchAmong ) -- C:\Users\Patrik\AppData\Roaming\satoolbar.exe
[2012/10/08 21:11:44 | 006,312,677 | ---- | M] (VIO ) -- C:\Users\Patrik\AppData\Roaming\vio_clean.exe
[2010/07/13 14:02:01 | 000,038,200 | ---- | M] () -- C:\Users\Patrik\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/01/28 13:49:32 | 000,010,134 | R--- | M] () -- C:\Users\Patrik\AppData\Roaming\Microsoft\Installer\{14EC371D-145C-9AC3-B3A8-EA90C6B0325E}\ARPPRODUCTICON.exe
[2012/02/16 21:58:27 | 000,010,134 | R--- | M] () -- C:\Users\Patrik\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013/01/05 18:18:39 | 005,359,528 | ---- | M] (Power Software Ltd) -- C:\Users\Patrik\AppData\Roaming\PowerISO\Upgrade\PowerISO5.exe
[2013/07/30 22:00:00 | 001,129,552 | ---- | M] (BitTorrent Inc.) -- C:\Users\Patrik\AppData\Roaming\uTorrent\utorrent.exe
[2013/07/30 22:00:00 | 001,129,552 | ---- | M] (BitTorrent Inc.) -- C:\Users\Patrik\AppData\Roaming\uTorrent\updates\3.3.1_29963.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013/08/13 19:19:05 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/08/13 18:22:32 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/08/13 19:26:01 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/08/13 18:21:55 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2013/07/27 00:46:22 | 001,807,272 | ---- | M] (Valve Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
"SaitekInstall" = "D:\x64\Setup.exe" -S0 -R
"BitTorrent" = "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
"ICQ" = "C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4 -- [2012/01/22 11:02:26 | 000,127,040 | ---- | M] (ICQ, LLC.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012/04/17 17:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
"MyBrowserCash" = C:\Program Files (x86)\MyBrowserCash\MyBrowserCash.exe
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/08/24 09:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013/07/25 02:49:49 | 000,846,288 | ---- | M] (Google Inc.) MD5=ECCA7F72A24C7CF43131946C076689D1 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/08/13 19:18:57 | 000,000,512 | ---- | M] () MD5=4BBA03EF1C6694BD2731F26D7B4764F4 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2007/03/14 20:21:36 | 004,937,904 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007/03/14 18:07:28 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007/03/14 18:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007/03/14 18:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007/03/14 18:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007/03/14 18:10:18 | 000,088,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:20 | 000,025,188 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:26 | 000,032,022 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:28 | 000,032,216 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:30 | 000,027,655 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:36 | 000,030,891 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:38 | 000,032,399 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:42 | 000,032,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:42 | 000,032,393 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:46 | 000,022,871 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:48 | 000,025,272 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:50 | 000,032,109 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:50 | 000,032,441 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:52 | 000,032,499 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:54 | 000,032,074 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:56 | 000,032,110 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:58 | 000,024,996 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:00 | 000,031,772 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:02 | 000,024,463 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:04 | 000,025,054 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:06 | 000,032,171 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:06 | 000,024,411 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:08 | 000,025,525 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:10 | 000,032,741 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:10 | 000,032,833 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007/03/08 17:35:32 | 000,004,239 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2012/11/30 10:55:38 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2001/01/16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\COLOADER.DLL
[2001/01/16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\COLOADER.TLB
[2010/03/24 21:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/03/24 21:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2002/02/11 19:29:32 | 000,033,192 | ---- | M] () -- \Program Files (x86)\Crave\Global Operations\Globalops\sounds\weapons\pistols\AnacondaLoader.wav
[2009/05/21 20:21:18 | 000,007,507 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009/09/20 12:15:26 | 000,030,776 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009/09/20 12:15:26 | 000,002,713 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2012/01/22 11:02:22 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012/01/22 11:02:23 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012/01/22 11:02:22 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/04/11 17:34:41 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012/01/22 11:02:51 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010/06/01 23:29:14 | 000,367,872 | ---- | M] () -- \Program Files (x86)\NTI\NTI Media Maker 9\LauncherLoader.exe
[2008/06/20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2010/03/24 21:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010/03/24 21:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/10/01 13:36:00 | 000,387,800 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.bundle
[2012/07/10 00:11:00 | 000,693,704 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.dll
[2012/10/01 13:36:00 | 000,387,800 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.bundle
[2012/07/10 00:11:00 | 000,693,704 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.dll
[2012/11/09 19:51:32 | 000,016,384 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_downloader.bestvideodownloader.com_0.localstorage-journal
[2012/11/03 21:13:06 | 000,011,864 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_step.yourfiledownloader.com_0.localstorage-journal
[2012/09/05 16:35:46 | 000,009,800 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.1click-downloader.net_0.localstorage-journal
[2010/09/22 13:16:48 | 000,005,273 | ---- | M] () -- \Users\Patrik\AppData\Local\Microsoft\Toolbar\Applications\loader.xap
[2012/08/29 14:45:58 | 000,000,847 | ---- | M] () -- \Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\ac\img\ajax-loader.gif
[2012/08/29 14:45:58 | 000,001,135 | ---- | M] () -- \Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\ac\img\loader-icon.png
[2012/08/29 14:45:58 | 000,003,208 | ---- | M] () -- \Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\ui\gf\img\loader.gif
[2012/08/29 14:45:58 | 000,001,849 | ---- | M] () -- \Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2012/11/13 03:12:56 | 000,001,607 | ---- | M] () -- \Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\rafuc4p4.default\extensions\ffxtlbr@delta.com\content\loader.xul
[2012/08/17 14:15:18 | 006,396,128 | ---- | M] () -- \Users\Patrik\Desktop\AT cata\BackgroundDownloader.exe
[2013/08/13 18:20:12 | 000,028,560 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-BC94E7C6.pf
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1996/10/15 09:53:16 | 000,078,848 | ---- | M] () -- \Windows\System32\INLOADER.DLL
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1996/10/15 09:53:16 | 000,078,848 | ---- | M] () -- \Windows\SysWOW64\INLOADER.DLL
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:18:33 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 08:23:09 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:04:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:44:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2010/09/30 14:48:56 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010/09/30 14:48:56 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010/09/30 14:48:56 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010/09/30 14:48:56 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010/09/30 14:48:56 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012/03/07 21:50:37 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012/03/07 21:50:37 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012/03/07 21:50:37 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012/03/07 21:50:37 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012/03/07 21:50:37 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010/09/30 14:45:52 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009/07/14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2010/01/22 10:31:14 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16508_none_b7752fe386144dba.manifest
[2011/02/05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2010/01/22 12:00:30 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20624_none_b7e52bae9f45c00a.manifest
[2011/02/05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:22:35 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 07:45:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:47:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Files - Unicode (All) ==========
[2012/06/29 17:27:21 | 000,001,024 | ---- | M] ()(C:\Users\Patrik\AppData\Local\PMB Fik?s) -- C:\Users\Patrik\AppData\Local\PMB Fik聥s
[2012/06/29 17:27:21 | 000,001,024 | ---- | C] ()(C:\Users\Patrik\AppData\Local\PMB Fik?s) -- C:\Users\Patrik\AppData\Local\PMB Fik聥s

========== Alternate Data Streams ==========

@Alternate Data Stream - 2560 bytes -> C:\ProgramData\CLDShowX.ini:Update.CL
@Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:93EB7685
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:1A60DE96
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:638E6F6B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:90108DD7

< End of report >

[Rudy]

Spusťte znovu OTL a do dolního okna zkopírujte:

:OTL
@Alternate Data Stream - 2560 bytes -> C:\ProgramData\CLDShowX.ini:Update.CL
@Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:93EB7685
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:1A60DE96
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:638E6F6B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:90108DD7
E:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=44444& ... 0F6E0D56E9
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchT ... 0F6E0D56E9
IE - HKU\S-1-5-21-977518187-2707889140-4114514332-1000\..\SearchScopes\{D01D03FD-7D59-4892-BDDE-B958890A185D}: "URL" = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=cc6a86d5-6acc-4d4f-be52-c664be061319&apn_sauid=D8D369C7-A44A-4D82-9F0B-E7D6E615C363
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = http://www1.delta-search.com/?q={search ... 0F6E0D56E9
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
Drivers32: VIDC.FPS1 - frapsvid.dll File not found

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
"MyBrowserCash" =-


:files
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Patrik\AppData\Roaming\Bitcoin
C:\Users\Patrik\AppData\Roaming\satoolbar.exe
C:\Windows\hpoins28.dat.temp
C:\Windows\hpomdl28.dat.temp
C:\Windows\hpoins28.dat
C:\Windows\hpomdl28.dat
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

a kliněte na >opravit<

OTL provede opravu a vypíše log, který sem vložte.

[Affondatore]

All processes killed
========== OTL ==========
ADS C:\ProgramData\CLDShowX.ini:Update.CL deleted successfully.
ADS C:\ProgramData\Temp:5D7E5A8F deleted successfully.
ADS C:\ProgramData\Temp:4D066AD2 deleted successfully.
ADS C:\ProgramData\Temp:05EE1EEF deleted successfully.
ADS C:\ProgramData\Temp:CDFF58FE deleted successfully.
ADS C:\ProgramData\Temp:E36F5B57 deleted successfully.
ADS C:\ProgramData\Temp:93EB7685 deleted successfully.
ADS C:\ProgramData\Temp:E1F04E8D deleted successfully.
ADS C:\ProgramData\Temp:1A60DE96 deleted successfully.
ADS C:\ProgramData\Temp:638E6F6B deleted successfully.
ADS C:\ProgramData\Temp:0B9176C0 deleted successfully.
ADS C:\ProgramData\Temp:E3C56885 deleted successfully.
ADS C:\ProgramData\Temp:798A3728 deleted successfully.
ADS C:\ProgramData\Temp:90108DD7 deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-977518187-2707889140-4114514332-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-977518187-2707889140-4114514332-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-977518187-2707889140-4114514332-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-977518187-2707889140-4114514332-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D01D03FD-7D59-4892-BDDE-B958890A185D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D01D03FD-7D59-4892-BDDE-B958890A185D}\ not found.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\gopher\ deleted successfully.
File Protocol\Handler\gopher - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
File Protocol\Handler\ms-itss - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ deleted successfully.
File Protocol\Handler\mso-offdap - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FPS1 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled\\MyBrowserCash deleted successfully.
========== FILES ==========
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Users\Patrik\AppData\Roaming\Bitcoin\chainstate folder moved successfully.
C:\Users\Patrik\AppData\Roaming\Bitcoin\blocks\index folder moved successfully.
C:\Users\Patrik\AppData\Roaming\Bitcoin\blocks folder moved successfully.
C:\Users\Patrik\AppData\Roaming\Bitcoin folder moved successfully.
C:\Users\Patrik\AppData\Roaming\satoolbar.exe moved successfully.
C:\Windows\hpoins28.dat.temp moved successfully.
C:\Windows\hpomdl28.dat.temp moved successfully.
C:\Windows\hpoins28.dat moved successfully.
C:\Windows\hpomdl28.dat moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\74224F8D4A1748169EDB7BB854DE532C.TMP folder moved successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP folder moved successfully.
C:\Windows\msdownld.tmp folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Patrik
->Temp folder emptied: 11128 bytes
->Temporary Internet Files folder emptied: 295314 bytes
->Java cache emptied: 2367231 bytes
->FireFox cache emptied: 4998448 bytes
->Google Chrome cache emptied: 147520557 bytes
->Flash cache emptied: 45041 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34883729 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36063285 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 736 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 216.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Patrik
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Patrik
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 08132013_202529

Files\Folders moved on Reboot...
C:\Users\Patrik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Rudy]

Vše smazáno. Nastala nějaká změna?