Kamarad notebook

[Márty84]

Jeste jeden sken a budem mazat.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[toox]

OTL Extras logfile created on: 5/8/2014 10:25:40 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pepik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.68 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 40.92% Memory free
7.36 Gb Paging File | 4.76 Gb Available in Paging File | 64.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.66 Gb Total Space | 162.57 Gb Free Space | 36.32% Space Free | Partition Type: NTFS
Drive G: | 3.77 Gb Total Space | 0.31 Gb Free Space | 8.20% Space Free | Partition Type: FAT32

Computer Name: PEPA | User Name: Pepik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Pepik\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Pepik\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05630C41-7EFC-47DB-8792-8AF59B06A7E6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{0D9B569C-D819-4422-B3CE-FEFAED931E4C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{193EC665-3534-447A-BAB0-733F798307DF}" = rport=137 | protocol=17 | dir=out | app=system |
"{19FEB05F-156D-45BC-9EDA-F154126AF331}" = lport=445 | protocol=6 | dir=in | app=system |
"{1A5C3F0A-387F-4A04-AABB-52750FBB40C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1B59644D-7CBC-4097-8107-2ED80223A350}" = lport=138 | protocol=17 | dir=in | app=system |
"{2D106A68-81CD-4478-B9EC-CE8748D8B4C9}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{52BFDD52-EE89-4E52-8C57-D2B77411CE4B}" = rport=445 | protocol=6 | dir=out | app=system |
"{548BD72D-F969-4F09-BFA6-B779409B2ACD}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{599DC099-778D-4CD2-A84B-F56928683485}" = rport=138 | protocol=17 | dir=out | app=system |
"{5A8E8B95-81AE-4EE0-8219-1E88497848FA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6187398C-624B-4F8B-86C2-774C0381EF92}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{75717E04-E84F-427F-93AF-94F8DF6D76F5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{772254F9-F6A1-40A8-9B34-FFE6E8670657}" = lport=137 | protocol=17 | dir=in | app=system |
"{7A1C97C1-AD44-4599-B91B-8171E34B56EA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A21310E-8B3E-40C7-B588-BD8BC7E63A2E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7A27C607-51CB-4D27-B01B-563707B1C209}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7A70E5DF-BE88-49F7-AF73-517907C7BBC6}" = rport=2869 | protocol=6 | dir=out | app=system |
"{81E66C8E-E017-46F4-9DEC-F38CF84B5B63}" = lport=2869 | protocol=6 | dir=in | app=system |
"{89D783A3-A333-449F-9B83-FDFD458E84F6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8CF8C130-4B5D-4FE8-883A-ABE0CAD9D172}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{953F0DDD-340B-4C29-87FA-3102F2258E23}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{96C81411-F327-41FE-8CBA-CD3C6E540A8D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9BCE57FE-74D4-4D09-A26F-E4247D1B2590}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B774144A-6A8B-4723-9B13-3C43880F03D3}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CD4FCB0E-AE3B-4318-9DAA-53204441B0FA}" = rport=139 | protocol=6 | dir=out | app=system |
"{D681F1F5-10C2-4048-ACC5-7444A0FD39F4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D74BB254-0310-4261-BC87-D6F28635F193}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D95F347B-13C8-4394-A07C-FA824B830F42}" = lport=139 | protocol=6 | dir=in | app=system |
"{F6E3CF73-76A2-4566-8DFE-59C1D2F6239C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{FB8B98E5-E989-4A03-BA5F-2738A964B678}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE56310E-BF3B-42A7-8D28-A0C23EA9DB9D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015DDEED-662B-47B7-863C-16BCFBCEF030}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{051F0171-F231-44F8-BDA3-5C00E89CA503}" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"{07F03C01-EC74-44E6-92DA-BDE3CF416CE7}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{1378F61F-AB4E-49EA-84AB-1D013E14EE90}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1618AE9E-9C9B-446E-8B82-30DE3D4D3BC6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2067F595-3F8F-49B7-A514-D61D83C4F481}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{21A64971-24FC-477C-BD86-B3509F120AF5}" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{2DA5F5F6-BBE7-46F5-81B8-4494FE7DBEDE}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2F575A1A-67DB-445E-974E-43705358E5E4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{2FBCF90C-7034-49F8-9332-EA19D72C139C}" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{389F324C-E1E4-4761-ACA8-15C664F7D6FB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{38ADAD8D-53DA-43E7-9DB2-E1BAD04BA983}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{3A2929BB-95B8-44E0-AF5D-7115DB9410E1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{44ADB9FF-F4F9-4362-A26B-432584A07429}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4704BF42-F0DD-4632-BBC9-6797C7DE5441}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{4BB6DF95-4006-47B0-B998-7CB6E1F398B5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4C9D6B6B-DFF3-4600-B403-E6B3BE2A94FB}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{5747267C-B7E8-4455-B765-C2CFC18F71B2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5AC3BEBE-850F-4471-AB17-EA8CB0A689E1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5C9225DF-E9FB-46E6-814E-D1EF6AE3902B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5E02E0A3-5B19-47F8-AC4A-A4D1F23343AC}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6D59B72C-962D-4172-A04B-CB1EF4216349}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{71A152C7-1D3B-4650-B355-22124FA776F2}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{71E666A6-687F-4664-A9ED-E87D8DC7A857}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{762D903D-0DD2-4172-A4F3-D969D4FE2558}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7754265A-0485-4BA1-81CC-3FC5B449BB1C}" = dir=in | app=c:\users\pepik\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{7C92C94B-DF0C-4F27-831D-49AD812DBF7A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7CD4E390-5D24-46E8-91A4-CDB5C4F3BD99}" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{7D399836-5DEB-49F5-A3D2-1094F956E8C3}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{7ECB1A33-12F4-457F-81FC-BB36C1E0E3B0}" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{8D9EB1C5-7062-4F6B-BEAB-0C928F6E673D}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{934ADA3C-E8A7-4DA2-8784-FE9D9DA64E67}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{A0034315-DF40-4D3E-B1A6-858E4297C8EF}" = protocol=17 | dir=in | app=c:\users\pepik\appdata\local\akamai\netsession_win.exe |
"{A224C994-804B-4D02-B34E-CDDB4AF796EC}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"{A379BAA4-A922-4A7F-9DA0-B4DCD0760493}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{A5448EF5-A210-4DF1-AE37-1CC23B2DFBA5}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A6741216-4839-4F02-B91B-09EAB1AF1B73}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{AE337637-8762-4952-B032-922D2AE988B0}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"{B0908840-4365-4B98-A064-E8E1F4111745}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B4447C4D-4992-4D84-A71D-88EBF05BDBD8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B574A1F6-0A7B-4B5E-8D2C-147E43BDF871}" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"{BCCB884B-CFE9-4432-A527-09CF3C0788B0}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{C6CC15A2-E4B5-4B21-BD21-8443FDDF8F80}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CC38497A-0385-4341-B222-9A69DBFB190C}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{CDF497B2-244F-4D29-932A-57E8C04CBC51}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CDFD7A36-A87D-4A86-AA36-594A00DF093F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D273C69C-E3F9-4DA1-9D90-AB056F4BD409}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D30F365C-3C08-4BE6-A6EB-CC62588DF478}" = protocol=17 | dir=in | app=c:\program files (x86)\windows sidebar\sidebar.exe |
"{D37F0881-5F3A-4C58-A1D6-6D9DCFEE4C4A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{DB620390-33A8-4494-958F-8BAA6A855DFB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DC7B3DB4-F53A-4398-9CB0-88FD3190BE2A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DDA42F2B-EFAA-4273-8C8E-04DC3EBC0EB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E1668F3D-AF1D-4CF9-9E98-824BA8A47505}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E35E4D3F-C842-4F52-9141-DB9E89EE6466}" = protocol=6 | dir=in | app=c:\program files (x86)\windows sidebar\sidebar.exe |
"{EA66C5E9-AB57-4449-A849-40D41CA0D55E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{EAB90E00-5166-4BCE-B3FC-05B571604882}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{F16DED0D-BB4E-45C8-AEFD-1012CEB49CFC}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{F3DAED8B-C561-49D6-A3DD-5F165947079C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{FA7A0F20-6A95-4E00-BDB2-1A4908F9604B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FBE9E82C-E0FB-4EC7-8505-658BBF39C506}" = protocol=6 | dir=in | app=c:\users\pepik\appdata\local\akamai\netsession_win.exe |
"{FC5925F6-C5FC-42D3-9065-820BB4E897DE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FCB9AEFF-FDD6-4D75-B3E5-24817B1E3161}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FD7E1970-41A9-4933-9EEF-2B6C3774050D}" = protocol=6 | dir=out | app=system |
"{FEC6DA59-410D-474D-A514-DFE7EB1922EB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{011045B3-497E-430E-8D34-D6D6FB5CDDFC}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"TCP Query User{05520CD0-95ED-4468-97AF-F57D7C48C378}C:\program files (x86)\steam\steamapps\wanted5733\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\wanted5733\team fortress 2\hl2.exe |
"TCP Query User{1061AD92-7113-42F6-A925-FDCA4C3700ED}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"TCP Query User{1425F909-721E-4498-8E2E-1D7091656D06}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{1A378E04-94EE-4341-85AB-E0402F532009}C:\program files\codemasters\operation flashpoint\operationflashpoint.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\operation flashpoint\operationflashpoint.exe |
"TCP Query User{239A5A87-219D-4475-AA26-81BAA84F193F}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{27131BE5-BD67-4475-81F1-C9F1AEE5BD12}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{29FEA3B2-9032-4C49-9F21-5C9BC44512C1}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{3384FA01-8813-4719-95F4-81BE624A32D6}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{3A8D28E1-6445-4165-820D-9FA5BC320297}C:\gry\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\gry\counter-strike 1.6\hl.exe |
"TCP Query User{3ED93162-8ED1-4B8E-9D4C-6820189F6395}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{444AE001-2692-4233-A2E0-BBE4D3DBA278}C:\users\pepik\desktop\hry\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\users\pepik\desktop\hry\call of duty\codmp.exe |
"TCP Query User{5444DE6E-90F5-4FB8-9644-04934C9CC9A2}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{587B94EE-6CF9-4ACD-9BFE-447F47B4E640}C:\windows\syswow64\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"TCP Query User{5FF43B8D-B5E1-4BE9-B1CB-B09579EBDD18}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{690401F7-044A-493E-B443-6A7CC4580E8A}C:\users\pepik\desktop\hlavní složka\castle strike\castlestrike.exe" = protocol=6 | dir=in | app=c:\users\pepik\desktop\hlavní složka\castle strike\castlestrike.exe |
"TCP Query User{6F79003C-6709-4B99-9A80-A891B14A9745}C:\program files (x86)\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows sidebar\sidebar.exe |
"TCP Query User{6FC5ABB6-DEED-49F4-A246-5C32FA8B704A}D:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=d:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{70E411D6-30EF-4A88-A734-852EAF127D85}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"TCP Query User{80EB5037-6969-43AF-9DAE-C19B1DFCA09E}C:\users\pepik\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\pepik\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{88049C37-F117-45C9-9CF0-67A7338F3414}C:\users\pepik\desktop\hry\ekura\client.bin" = protocol=6 | dir=in | app=c:\users\pepik\desktop\hry\ekura\client.bin |
"TCP Query User{8CA997AA-6D7C-4278-B2A2-2792259E73B8}C:\program files (x86)\motogp2\motogp2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motogp2\motogp2.exe |
"TCP Query User{A0DCBAC5-938B-4F12-99B1-D3BA0026A18E}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{A35B5E75-B9AD-4252-A7B6-4BE5421446CB}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{A3F99437-6292-4545-8290-4584BCF0C726}C:\program files (x86)\ea sports\nhl 09\nhl2009.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea sports\nhl 09\nhl2009.exe |
"TCP Query User{AB60B9BF-366F-40EC-A1EE-D6539AA7160A}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"TCP Query User{BD61922B-2228-4F17-996C-767E97FA5F22}C:\users\pepik\desktop\hry\need for speed underground 2\speed2.exe" = protocol=6 | dir=in | app=c:\users\pepik\desktop\hry\need for speed underground 2\speed2.exe |
"TCP Query User{D5349812-7730-4D8A-8CE6-21723CF04602}C:\program files (x86)\motogp2\motogp2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motogp2\motogp2.exe |
"TCP Query User{D6B65D4B-340E-4713-931A-58C3E6B90A25}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{D83C4E02-5492-48CF-B1C4-4FFE0B6917B7}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{E024D277-9497-4D7B-B0BC-5B5B8396A196}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{E052BA17-789C-4A50-868C-123C9D20272D}C:\users\pepik\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\pepik\appdata\local\akamai\netsession_win.exe |
"TCP Query User{E9261615-CDEF-47C0-A2C5-338F6E98E2E8}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{1EAE0B2B-6D5D-4C5F-A50F-86BE4F5E59D6}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{1FC2E00C-2064-4A5F-930F-F4895022F3D3}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{2458390D-5091-4915-BDEC-E6EDCC1437FD}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"UDP Query User{2B767A6C-1051-4251-90B0-CC957A9E93AD}C:\program files (x86)\ea sports\nhl 09\nhl2009.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea sports\nhl 09\nhl2009.exe |
"UDP Query User{2BADB6DD-A76B-4AF6-86D4-22E78121D6BB}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{31B1E990-4DF2-4352-AE7F-BD32E3F8AB51}C:\users\pepik\desktop\hry\need for speed underground 2\speed2.exe" = protocol=17 | dir=in | app=c:\users\pepik\desktop\hry\need for speed underground 2\speed2.exe |
"UDP Query User{32AA8BE6-63C6-4FF4-B4E5-E5B1CCD760F0}C:\program files (x86)\steam\steamapps\wanted5733\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\wanted5733\team fortress 2\hl2.exe |
"UDP Query User{362DE726-DF82-4669-95FD-6BCF3DD37B47}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{39FD3E08-FD8E-4965-A667-BF18D60495EA}C:\gry\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\gry\counter-strike 1.6\hl.exe |
"UDP Query User{3BA6085F-56C0-4E17-B488-C8062F414E62}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"UDP Query User{3DC43CB3-3679-4AF4-8AA9-103FE52A31A7}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{3E458CF0-D113-42DA-8386-A2B6EFD47C1B}C:\program files\codemasters\operation flashpoint\operationflashpoint.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\operation flashpoint\operationflashpoint.exe |
"UDP Query User{499121EC-DAD3-4BDD-B25A-C624927683CD}C:\program files (x86)\motogp2\motogp2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motogp2\motogp2.exe |
"UDP Query User{5D5DF7FF-B376-43DB-8820-96E1393D110C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{612296F7-BA40-4311-9920-3D8F417823B3}C:\users\pepik\desktop\hry\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\users\pepik\desktop\hry\call of duty\codmp.exe |
"UDP Query User{79D22DF7-6900-4CF4-B2B6-DFF32224F9A7}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{7B556092-FF5B-42CC-86FF-D867BB9DC093}C:\windows\syswow64\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"UDP Query User{8A7B2D27-C0B5-443F-8C7D-2926D57EE20C}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{925BCDDD-ED51-4383-8257-CBF6A48187A9}C:\users\pepik\desktop\hry\ekura\client.bin" = protocol=17 | dir=in | app=c:\users\pepik\desktop\hry\ekura\client.bin |
"UDP Query User{94F1FD37-6C68-4935-9AEF-378915BFA002}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{98E99ADF-70D3-4003-B165-F8B67B4BE396}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{A38ED2A4-9A5A-49BC-B1E0-D9AE70DA97E1}C:\program files (x86)\motogp2\motogp2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motogp2\motogp2.exe |
"UDP Query User{AC80AB6A-ACE0-4097-B779-F0FB3EC4C529}C:\users\pepik\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\pepik\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{AFF526EB-C209-4456-B5AA-6E886ED0BD16}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"UDP Query User{B4C07F71-3DD8-48AA-93CF-CE8C427C2280}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{B9330302-BB12-4663-BD8B-47E06191A985}C:\users\pepik\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\pepik\appdata\local\akamai\netsession_win.exe |
"UDP Query User{CC25FECE-A725-41FC-8794-509B1C41FCE7}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{CC477757-3B2C-4DEF-B477-54CDB649CDB0}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{D6A24935-5E3D-4A21-A145-575EC5E0B196}D:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=d:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{DA2AA511-FFF8-472E-A529-DC44D29082C7}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{DD1F9F15-4500-4368-AB97-360B67AD30B4}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"UDP Query User{DDD38416-70EB-417B-B02E-8D7663F00B5F}C:\users\pepik\desktop\hlavní složka\castle strike\castlestrike.exe" = protocol=17 | dir=in | app=c:\users\pepik\desktop\hlavní složka\castle strike\castlestrike.exe |
"UDP Query User{F0B6B661-31B2-4D9B-87C1-F679B773749D}C:\program files (x86)\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows sidebar\sidebar.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A116A8-E559-488C-879C-B212F3EA963A}" = Far Cry (Patch 1.32 AMD64)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{29AFE1B0-26A4-11E1-BFD4-F04DA23A5C58}" = MSVCRT Redists
"{314DDDC0-E935-11E0-8F9F-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{331F3940-4093-11E1-9565-F04DA23A5C58}" = MSVCRT Redists
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{49F6DFDE-8DF7-11E1-9E5F-F04DA23A5C58}" = MSVCRT Redists
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.9.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller
"{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}" = MSVCRT Redists
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"doPDF 7 printer_is1" = doPDF 7.3 printer
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.01 (64-bit)
"z3ta+_x64_is1" = rgc:audio z3ta+ 1.5 (x64)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0824EE6D-137F-4B83-9628-8E7B000BEBA6}" = Rail Simulator
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{15CEC2E1-16AF-11D9-88E4-0004769F25D1}" = Colin McRae Rally 2005
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.6
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1BB0C126-7F97-4438-B9CD-8954660474CD}" = ReFX Nexus 2.3.4 Update
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20381A8A-808E-4A53-B6CD-AD2B85E16365}" = Windows Live UX Platform Language Pack
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{5054562D-5247-006A-76A7-A758B70C0A06}" = Ask Toolbar
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{631A0B87-B0B7-4B47-00A2-119A4B942EB6}" = Clive Barker's Undying
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65356EEA-6ABF-437B-A7C7-5AAA0C6086F2}_is1" = Minecraft Auto version 1.0
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{7104189A-C592-4A56-AC9E-7C0CA135DA3C}" = AGEIA PhysX v6.10.25
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{7369806D-A4EC-47D2-AD2E-77632F52A663}_is1" = Bus Driver
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D99B933-E29C-4599-92F0-DAED2AF041E3}" = Windows Live Essentials
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader HD
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B22D57A-5338-49A5-AC08-70FE3E8B878B}" = Heroes of Might and Magic V
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.9) MUI
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1F5E26D-F22E-4DE4-994E-50F51BB3327F}" = ReFX Nexus 2.3.4 USB-eLicenser Emulator
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BDE1289F-4025-41A5-AD17-101DB4D82CA7}" = TRS2004
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FE0127-0F86-43C7-824E-AA78E6B5F4F3}" = Total Immersion Racing
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E00EA780-9C24-47BA-B9C8-210316D1C461}_is1" = Auto Mouse Clicker v3.4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F084204C-5497-4DC2-893E-D31CF5C640E8}" = Gaming Mouse Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F168AFC5-B8C9-4165-A23E-E3EA1BE5531E}" = Psi Ops
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Acoustica Mixcraft 6" = Acoustica Mixcraft 6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Advanced RAR Password Recovery" = Advanced RAR Password Recovery (remove only)
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"Audacity_is1" = Audacity 2.0.2
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"avast" = avast! Free Antivirus
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Call of Duty" = Call of Duty
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Clownfish" = Clownfish for Skype
"CoD 2 čeština_is1" = CoD 2 čeština 1.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Core Temp ~ Čestina 1.0 RC3" = Core Temp ~ Čestina 1.0 RC3
"Counter-Strike 1.6" = Counter-Strike 1.6 v23
"Counter-Strike: Source" = Counter-Strike: Source
"DAEMON Tools Lite" = DAEMON Tools Lite
"Edirol HQ Orchestral VSTi v1.03" = Edirol HQ Orchestral VSTi v1.03
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FarCry AMD64 ECU for x32 Edition" = FarCry AMD64 ECU for x32 Edition
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"FL Studio 10" = FL Studio 10
"Flashpoint" = Flashpoint uninstall
"Flvto Youtube Downloader" = Flvto Youtube Downloader
"Fraps" = Fraps (remove only)
"Freemake Video Converter_is1" = Freemake Video Converter verze 3.0.1
"Freemake Video Downloader_is1" = Freemake Video Downloader
"Game Dev Tycoon CZ" = Game Dev Tycoon CZ
"GameParkClient_is1" = GamePark
"GameSpy Arcade" = GameSpy Arcade
"GOGPACKUNDYING_is1" = Clive Barker's Undying
"GOM Player" = GOM Player
"Identity Card" = Identity Card
"IL Download Manager" = IL Download Manager
"IMG Tool" = IMG Tool (remove only)
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0824EE6D-137F-4B83-9628-8E7B000BEBA6}" = Rail Simulator
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IrfanView" = IrfanView (remove only)
"Lennar Digital Sylenth VSTi v1.2.1" = Lennar Digital Sylenth VSTi v1.2.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"MotoGP2_is1" = MotoGP2
"Mozilla Firefox 23.0.1 (x86 cs)" = Mozilla Firefox 23.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3 2 Ogg Lab 2004_is1" = MP3 2 Ogg Lab 2004
"Need for Speed Most Wanted (black edition)" = Need for Speed Most Wanted (black edition)
"NFS: Most Wanted" = NFS: Most Wanted CZ
"OpenAL" = OpenAL
"R2FtZURldlR5Y29vbnYxMzI=_is1" = Game Dev Tycoon v1.3.2 (c) Greenheart Games version 1
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"rgcAudio z3ta Plus v1.40" = rgcAudio z3ta Plus v1.40
"Sanny Builder 3_is1" = Sanny Builder 3.01
"Shockwave" = Shockwave
"SimilarWeb" = SimilarWeb
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WWE RAW - Ultimate Impact_is1" = WWE RAW - Ultimate Impact
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{36E86B2F-A438-4376-9EA0-D3DA9F11149E}" = Search.us.com
"{DD0BAC90-4337-4EEF-8A03-61FB5BB5F831}" = Search.us.com
"Akamai" = Akamai NetSession Interface
"BitTorrent" = BitTorrent
"Counter-Strike 1.6 v42b instalace" = Counter-Strike 1.6 v42b instalace
"Google Chrome" = Google Chrome
"SeznamInstall" = Seznam Software
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/2/2014 11:46:08 AM | Computer Name = Pepa | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Game.exe, verze: 1.0.0.0, časové razítko:
0x72454562 Název chybujícího modulu: LS3DF.dll, verze: 0.0.0.0, časové razítko:
0x3ef851b2 Kód výjimky: 0xc0000005 Posun chyby: 0x0005ac4b ID chybujícího procesu:
0x924 Čas spuštění chybující aplikace: 0x01cf661af684e7b2 Cesta k chybující aplikaci:
C:\Users\Pepik\Desktop\Hry\Mafia 1 – Plna Verze Hry – CZ\Game.exe Cesta k chybujícímu
modulu: C:\Users\Pepik\Desktop\Hry\Mafia 1 – Plna Verze Hry – CZ\LS3DF.dll ID zprávy:
e04051f3-d210-11e3-ad90-dc0ea10325dc

Error - 5/3/2014 2:47:00 AM | Computer Name = Pepa | Source = WinMgmt | ID = 10
Description =

Error - 5/4/2014 3:56:10 AM | Computer Name = Pepa | Source = Freemake Improver | ID = 0
Description = Službu nelze spustit. Proces služby se nemohl připojit k síťovému
řadiči

Error - 5/4/2014 3:57:16 AM | Computer Name = Pepa | Source = WinMgmt | ID = 10
Description =

Error - 5/4/2014 6:40:31 AM | Computer Name = Pepa | Source = WinMgmt | ID = 10
Description =

Error - 5/5/2014 7:43:16 AM | Computer Name = Pepa | Source = WinMgmt | ID = 10
Description =

Error - 5/6/2014 7:46:06 AM | Computer Name = Pepa | Source = WinMgmt | ID = 10
Description =

Error - 5/6/2014 12:27:02 PM | Computer Name = Pepa | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Photoshop.exe, verze: 13.0.1.0, časové razítko:
0x5022da52 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18015, časové
razítko: 0x50b83c8a Kód výjimky: 0xc06d007e Posun chyby: 0x0000c41f ID chybujícího
procesu: 0x14e0 Čas spuštění chybující aplikace: 0x01cf6947fddb99da Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe Cesta k
chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 40a1d242-d53b-11e3-8472-dc0ea10325dc

Error - 5/7/2014 1:18:52 PM | Computer Name = Pepa | Source = WinMgmt | ID = 10
Description =

Error - 5/8/2014 2:31:30 AM | Computer Name = Pepa | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 3/12/2012 7:50:13 AM | Computer Name = Pepik-PC | Source = MCUpdate | ID = 0
Description = 12:50:09 - Chyba při připojování k Internetu 12:50:10 - Nelze kontaktovat
server..

Error - 3/28/2012 1:00:19 AM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 7:00:19 - Chyba při připojování k Internetu 7:00:19 - Nelze kontaktovat
server..

Error - 3/28/2012 1:00:32 AM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 7:00:24 - Chyba při připojování k Internetu 7:00:24 - Nelze kontaktovat
server..

Error - 7/9/2012 1:19:41 AM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 7:19:41 - Chyba při připojování k Internetu 7:19:41 - Nelze kontaktovat
server..

Error - 7/21/2012 4:34:52 PM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 22:34:51 - Chyba při připojování k Internetu 22:34:51 - Nelze kontaktovat
server..

Error - 7/21/2012 5:34:59 PM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 23:34:59 - Chyba při připojování k Internetu 23:34:59 - Nelze kontaktovat
server..

Error - 7/21/2012 6:35:21 PM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 0:35:20 - Chyba při připojování k Internetu 0:35:21 - Nelze kontaktovat
server..

Error - 7/23/2012 1:13:38 PM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 19:13:38 - Chyba při připojování k Internetu 19:13:38 - Nelze kontaktovat
server..

Error - 7/28/2012 2:44:13 AM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 8:44:13 - Chyba při připojování k Internetu 8:44:13 - Nelze kontaktovat
server..

Error - 8/7/2012 1:38:05 AM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 7:38:05 - Chyba při připojování k Internetu 7:38:05 - Nelze kontaktovat
server..

[ OSession Events ]
Error - 1/9/2012 2:05:21 PM | Computer Name = Pepik-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 798 seconds with 540 seconds of active time. This session ended with a crash.

Error - 1/9/2012 2:08:19 PM | Computer Name = Pepik-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 155 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 5/4/2014 6:40:14 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Freemake Improver bylo dosaženo časového
limitu (30000 ms).

Error - 5/4/2014 6:40:14 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba Freemake Improver neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 5/4/2014 6:40:24 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 5/5/2014 7:42:07 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 5/6/2014 7:45:47 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 5/6/2014 12:05:01 PM | Computer Name = Pepa | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).

Error - 5/6/2014 12:05:01 PM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 5/6/2014 1:03:39 PM | Computer Name = Pepa | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 5/7/2014 1:18:39 PM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 5/8/2014 2:31:15 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku
následující chyby: %%1058


< End of report >

[toox]

¨OTL logfile created on: 5/8/2014 10:25:40 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pepik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.68 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 40.92% Memory free
7.36 Gb Paging File | 4.76 Gb Available in Paging File | 64.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.66 Gb Total Space | 162.57 Gb Free Space | 36.32% Space Free | Partition Type: NTFS
Drive G: | 3.77 Gb Total Space | 0.31 Gb Free Space | 8.20% Space Free | Partition Type: FAT32

Computer Name: PEPA | User Name: Pepik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/05/08 10:20:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pepik\Downloads\OTL.exe
PRC - [2014/05/08 09:51:53 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2014/03/19 01:46:35 | 000,196,048 | ---- | M] (APN LLC.) -- C:\Users\Pepik\AppData\Local\VNT\vntldr.exe
PRC - [2014/03/12 03:54:58 | 000,108,032 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2014/03/12 03:54:56 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/23 14:54:33 | 003,567,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2013/10/22 16:03:53 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/08/18 09:12:01 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/09/20 08:44:16 | 000,296,392 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2011/05/26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2011/04/24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/04/24 03:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011/04/22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2014/04/24 02:33:13 | 000,390,472 | ---- | M] () -- C:\Users\Pepik\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
MOD - [2014/04/24 02:33:12 | 013,692,232 | ---- | M] () -- C:\Users\Pepik\AppData\Local\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
MOD - [2014/04/24 02:33:10 | 004,081,480 | ---- | M] () -- C:\Users\Pepik\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014/04/24 02:33:05 | 000,674,632 | ---- | M] () -- C:\Users\Pepik\AppData\Local\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
MOD - [2014/04/24 02:33:04 | 000,093,000 | ---- | M] () -- C:\Users\Pepik\AppData\Local\Google\Chrome\Application\34.0.1847.131\libegl.dll
MOD - [2014/04/24 02:33:03 | 001,647,432 | ---- | M] () -- C:\Users\Pepik\AppData\Local\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014/04/24 02:33:01 | 000,065,352 | ---- | M] () -- C:\Users\Pepik\AppData\Local\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2013/10/22 16:03:56 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2011/04/24 03:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/10/22 16:03:53 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/04/22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/05/08 09:51:53 | 000,214,520 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2014/05/01 19:56:48 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/12 03:54:58 | 000,108,032 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2014/03/12 03:54:56 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/07 15:14:14 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/18 09:12:01 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/02/25 08:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/09/26 00:51:53 | 004,460,280 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012/04/26 15:03:36 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/10/09 17:59:19 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2011/04/24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/11 16:18:00 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2013/10/22 16:04:01 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/10/22 16:04:01 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/10/22 16:04:01 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/10/22 16:04:01 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/10/22 16:04:01 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/10/22 16:04:01 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/10/22 16:03:59 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/04/15 23:32:14 | 001,071,032 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\wcmvcam64.sys -- (WCMVCAM)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/11/09 15:11:20 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/06/08 18:36:14 | 004,729,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/06/02 05:37:32 | 002,750,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 06:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011/03/10 06:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011/02/11 23:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2011/01/18 00:56:14 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/22 03:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/07/20 02:10:40 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/28 01:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/28 01:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 23:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 23:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/04/13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/27 01:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/19 05:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009/09/19 05:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009/09/19 05:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009/09/17 07:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/12/26 13:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/03/31 09:39:36 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.p ... 495951&ir=
IE:64bit: - HKLM\..\SearchScopes\{7603420F-1940-B9EF-2221-3F9F755D2323}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll (SimilarGroup)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{38FD2F15-E806-4BB6-9A9E-6F8C8734AEFE: "URL" = http://start.mysearchdial.com/results.p ... 495951&ir=


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.search.us.com/v/2/?guid={D ... 1}&serpv=5
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\URLSearchHook: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll (SimilarGroup)
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{268DDC2E-9AB6-4AF7-A619-699D23176C72}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{38FD2F15-E806-4BB6-9A9E-6F8C8734AEFE: "URL" = http://start.mysearchdial.com/results.p ... 495951&ir=
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{38FD2F15-E806-4BB6-9A9E-6F8C8734AEFE}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT3225826
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{451048B7-4A2C-4AD8-95A6-9559F7591203}: "URL" = http://search.us.com/serp?guid={36E86B2 ... earchTerms}
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{4AF75676-BE7D-4E32-995A-FBB252803C6B}: "URL" = http://search.yahoo.com/search?p={searc ... type=10513
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{4D8E786B-26A0-4C75-89D9-032F4876CCC3}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{5DA21C4A-791A-4824-AE7C-FB1FCC32E252}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_13415
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{74F8B4D5-9720-4FC3-8D1C-58BA96059FAC}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{82B3F7AE-B924-4EE8-81FF-06FCE12F9C9B}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{8A77F983-44CC-45AA-B61B-DDFCC6A8BCE9}: "URL" = http://www.firmy.cz/phr/{searchTerms}?s ... arch_13415
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{97510374-5D11-4AF4-88FE-05E5D1E03E51}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_13415
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{BBEA5945-44C0-4616-9C22-57CC44BF2363}: "URL" = http://search.yahoo.com/search?p={searc ... type=10511
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{C866815B-C082-4849-81B9-B84F03AF5152}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_13415
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{D1BDE674-59F3-4F44-80A2-16A68853A43E}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_13415
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{E01C3AA4-939B-47B0-B14E-ACDE7A8D8C15}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{F2C30662-88C2-40FC-AF08-739702ACCA9B}: "URL" = http://start.funmoods.com/results.php?f ... earchTerms}
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://start.search.us.com/v/2/?guid={D ... 1}&serpv=5"
FF - prefs.js..keyword.URL: "http://search.us.com/serp?guid={36E86B2 ... serpv=5&k="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Pepik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tightropeinteractive.com/Plugin: C:\Users\Pepik\AppData\Local\TNT2\2.0.0.1599\npTNT2.dll (Search.Us.com)
FF - HKCU\Software\MozillaPlugins\@tnt2ghost.com/Plugin: C:\Users\Pepik\AppData\Local\TNT2\2.0.0.1599\npTNT2ghost.dll (Search.Us.com)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pepik\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pepik\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pepik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/04/14 20:10:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/10/22 16:04:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ [2014/04/13 15:58:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ytfmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ [2014/04/13 15:58:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/02 17:15:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/04/28 20:11:39 | 000,000,000 | ---D | M]

[2012/07/11 21:44:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\Extensions
[2014/05/04 12:35:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\Firefox\Profiles\6icesh4i.default\extensions
[2013/03/28 21:36:14 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Pepik\AppData\Roaming\mozilla\Firefox\Profiles\6icesh4i.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013/07/31 13:37:18 | 000,000,000 | ---D | M] ("SimilarWeb") -- C:\Users\Pepik\AppData\Roaming\mozilla\Firefox\Profiles\6icesh4i.default\extensions\FirefoxAddon@similarWeb.com
[2013/09/05 17:56:46 | 000,000,000 | ---D | M] (GoPhotoIt) -- C:\Users\Pepik\AppData\Roaming\mozilla\Firefox\Profiles\6icesh4i.default\extensions\gophoto@gophoto.it
[2014/02/13 09:26:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\Firefox\Profiles\6icesh4i.default\extensions\staged
[2013/10/31 18:17:49 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Pepik\AppData\Roaming\mozilla\Firefox\Profiles\6icesh4i.default\extensions\toolbar_PTV-RG@apn.ask.com
[2013/04/11 17:54:38 | 000,197,614 | ---- | M] () (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\firefox\profiles\6icesh4i.default\extensions\ftdownloader3@ftdownloader.com.xpi
[2013/03/17 18:07:12 | 000,215,985 | ---- | M] () (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\firefox\profiles\6icesh4i.default\extensions\onlinehdtv@onlinehd.tv.xpi
[2014/03/27 14:47:55 | 000,557,187 | ---- | M] () (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\firefox\profiles\6icesh4i.default\extensions\toolbar_PTV-RG@apn.ask.com.xpi
[2012/06/26 06:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/02 17:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/07 15:14:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/10/22 16:04:03 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- C:\USERS\PEPIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ICESH4I.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
File not found (No name found) -- C:\USERS\PEPIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ICESH4I.DEFAULT\EXTENSIONS\{C9B68337-E93A-44EA-94DC-CB300EC06444}
File not found (No name found) -- C:\USERS\PEPIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ICESH4I.DEFAULT\EXTENSIONS\PLUGIN@YONTOO.COM.XPI

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\Application\34.0.1847.131\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: Freemake np-plugin for google chrome (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Pepik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Pepik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Search.us Home = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\alojkmcmnpkbagfnepailkeejeoebdkg\1.0.0.0_0\
CHR - Extension: YouTube = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Image Downloader = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj\1.3_0\
CHR - Extension: Vyhledávání Google = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Hola Better Internet = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.3.233_0\
CHR - Extension: SaveFrom.net помощник = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl\2.41_0\
CHR - Extension: Peněženka Google = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Search.us Home = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\alojkmcmnpkbagfnepailkeejeoebdkg\1.0.0.0_0\
CHR - Extension: YouTube = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Image Downloader = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj\1.3_0\
CHR - Extension: Vyhledávání Google = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Hola Better Internet = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.3.233_0\
CHR - Extension: SaveFrom.net помощник = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl\2.41_0\
CHR - Extension: Peněženka Google = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/05/04 13:40:48 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Ask Toolbar) - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PTV-RG\Passport_x64.dll" File not found
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Ask Toolbar) - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Ask Toolbar) - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PTV-RG\Passport_x64.dll" File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" File not found
O3 - HKLM\..\Toolbar: (SimilarWeb) - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll (SimilarGroup)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [Gaming Mouse Driver] C:\Program Files (x86)\Gaming Mouse\Monitor.EXE ()
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe (APN LLC.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000..\Run: [Clownfish] File not found
O4 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: SimilarWeb - {5D06ED6E-DA78-4486-A246-B131A2C39807} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll (SimilarGroup)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.9 212.47.0.7
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{610EB418-5BBF-4997-8F43-3817DE589DD9}: DhcpNameServer = 192.168.1.9 212.47.0.7
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/09/06 11:13:38 | 000,213,472 | ---- | M] () - G:\autorun.ico -- [ FAT32 ]
O33 - MountPoints2\{0e91db54-d96b-11e2-a9b5-dc0ea10325dc}\Shell - "" = AutoRun
O33 - MountPoints2\{0e91db54-d96b-11e2-a9b5-dc0ea10325dc}\Shell\AutoRun\command - "" = G:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll ()
Drivers32:64bit: vidc.mpeg - bdmpegv64.dll ()
Drivers32:64bit: vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\iyvu9_32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/05/03 22:19:08 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Local\Screencast-O-Matic
[2014/05/02 16:03:27 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Local\CrashDumps
[2014/05/02 14:05:11 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/02 14:04:01 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/01 19:56:29 | 017,338,544 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2014/04/30 20:57:01 | 000,000,000 | ---D | C] -- C:\Users\Pepik\Desktop\Social Gang
[2014/04/19 16:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Dev Tycoon CZ
[2014/04/19 15:48:11 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Local\Game Dev Tycoon
[2014/04/19 15:47:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Game Dev Tycoon v1.3.2
[2014/04/19 15:46:45 | 000,000,000 | ---D | C] -- C:\Users\Pepik\Desktop\Game.Dev.Tycoon-ALiAS
[2014/04/18 15:43:25 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Local\{187927AB-7D65-452C-87AC-E44B4CF052C1}
[2014/04/13 16:01:44 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Local\FreemakeVideoDownloader
[2014/04/13 15:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap

========== Files - Modified Within 30 Days ==========

[2014/05/08 10:29:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/05/08 10:27:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000UA.job
[2014/05/08 09:56:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/08 09:51:53 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014/05/08 09:51:53 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/05/08 09:45:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/08 08:38:21 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/08 08:38:21 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/08 08:31:06 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/08 08:30:58 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000Core.job
[2014/05/08 08:30:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/08 08:30:34 | 2962,255,872 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/07 23:20:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000UA.job
[2014/05/07 22:18:29 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000Core.job
[2014/05/06 19:04:50 | 001,586,070 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/05/06 19:04:50 | 000,669,926 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014/05/06 19:04:50 | 000,655,280 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/05/06 19:04:50 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014/05/06 19:04:50 | 000,122,152 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/06 19:00:27 | 000,217,057 | ---- | M] () -- C:\Users\Pepik\Desktop\1493441_1447318688822588_1875241201_o.jpg
[2014/05/04 17:31:51 | 011,598,474 | ---- | M] () -- C:\Users\Pepik\Desktop\lada kreten.mp3
[2014/05/04 13:40:48 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/05/01 19:56:48 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/01 19:56:48 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/01 19:56:29 | 017,338,544 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2014/05/01 19:17:30 | 000,000,431 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014/05/01 09:33:19 | 009,602,682 | ---- | M] () -- C:\Users\Pepik\Desktop\pro dluhyse.mp3
[2014/05/01 09:25:53 | 000,068,371 | ---- | M] () -- C:\Users\Pepik\Desktop\llkmj.flp
[2014/04/28 20:11:40 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/04/23 15:03:41 | 009,046,848 | ---- | M] () -- C:\Users\Pepik\Desktop\VID_20140422_182607.mp4
[2014/04/19 18:04:23 | 000,202,541 | ---- | M] () -- C:\Users\Pepik\Desktop\w2hobq.jpg
[2014/04/19 16:23:04 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Game Dev Tycoon CZ.lnk
[2014/04/17 18:33:18 | 003,700,350 | ---- | M] () -- C:\Users\Pepik\Desktop\Perverz - Deadline mit Blokkmonsta, Schwartz & Rako (HD-Video).mp3
[2014/04/17 18:31:25 | 003,259,403 | ---- | M] () -- C:\Users\Pepik\Desktop\Perverz - Das Vorurteil stimmt (HD-Video).mp3
[2014/04/17 18:01:05 | 001,783,710 | ---- | M] () -- C:\Users\Pepik\Desktop\VYZVANENI.mp3
[2014/04/13 15:58:55 | 000,001,300 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Downloader.lnk

========== Files Created - No Company Name ==========

[2014/05/08 10:29:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/05/06 19:00:27 | 000,217,057 | ---- | C] () -- C:\Users\Pepik\Desktop\1493441_1447318688822588_1875241201_o.jpg
[2014/05/04 17:31:02 | 011,598,474 | ---- | C] () -- C:\Users\Pepik\Desktop\lada kreten.mp3
[2014/05/01 19:19:10 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/01 09:32:38 | 009,602,682 | ---- | C] () -- C:\Users\Pepik\Desktop\pro dluhyse.mp3
[2014/05/01 09:25:53 | 000,068,371 | ---- | C] () -- C:\Users\Pepik\Desktop\llkmj.flp
[2014/04/28 20:11:40 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/04/23 15:01:28 | 009,046,848 | ---- | C] () -- C:\Users\Pepik\Desktop\VID_20140422_182607.mp4
[2014/04/19 18:04:22 | 000,202,541 | ---- | C] () -- C:\Users\Pepik\Desktop\w2hobq.jpg
[2014/04/19 17:20:11 | 008,191,631 | ---- | C] () -- C:\Users\Pepik\Desktop\16. Blokkmonsta - Yeahhh.mp3
[2014/04/19 17:20:11 | 005,785,251 | ---- | C] () -- C:\Users\Pepik\Desktop\19. Blokkmonsta - Doom Rap (Remix) – Bonus Track.mp3
[2014/04/19 16:23:04 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Game Dev Tycoon CZ.lnk
[2014/04/17 18:33:41 | 003,259,403 | ---- | C] () -- C:\Users\Pepik\Desktop\Perverz - Das Vorurteil stimmt (HD-Video).mp3
[2014/04/17 18:33:40 | 003,700,350 | ---- | C] () -- C:\Users\Pepik\Desktop\Perverz - Deadline mit Blokkmonsta, Schwartz & Rako (HD-Video).mp3
[2014/04/17 18:00:57 | 001,783,710 | ---- | C] () -- C:\Users\Pepik\Desktop\VYZVANENI.mp3
[2014/04/13 15:58:55 | 000,001,300 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Downloader.lnk
[2013/10/21 19:36:55 | 000,000,918 | ---- | C] () -- C:\Windows\ARPR.INI
[2013/07/12 16:11:03 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2013/06/25 16:19:00 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2013/06/25 16:18:59 | 000,014,456 | ---- | C] () -- C:\Windows\SysWow64\Kara_v.dll
[2013/06/24 08:00:46 | 001,205,201 | ---- | C] () -- C:\Windows\unins000.exe
[2013/06/19 19:57:06 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/06/19 19:57:06 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/06/02 12:52:44 | 097,979,392 | ---- | C] () -- C:\Program Files (x86)\Samsung New PC Studio.msi
[2013/06/02 12:52:44 | 000,102,400 | ---- | C] () -- C:\Program Files (x86)\1029.MST
[2013/06/02 12:52:44 | 000,014,444 | ---- | C] () -- C:\Program Files (x86)\0x0405.ini
[2013/05/24 20:13:59 | 000,002,240 | ---- | C] () -- C:\Windows\LENDIG.sys
[2013/03/23 15:29:55 | 000,877,747 | ---- | C] () -- C:\Users\Pepik\AppData\Local\Tempmusic.ogg
[2013/01/03 20:16:25 | 000,000,246 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\Mouse Monitor_Settings.ini
[2012/11/19 09:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012/11/19 09:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012/08/30 19:26:40 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2012/07/07 21:03:52 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012/07/02 11:58:27 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2012/07/02 11:58:27 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2012/07/01 15:30:46 | 000,001,796 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\System Monitor II_CPU0_Settings.ini
[2012/06/11 21:10:17 | 000,000,123 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\Mouse Monitor_Counters.ini
[2012/06/11 19:02:06 | 000,000,199 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\Keyboard Monitor_Settings.ini
[2012/06/11 16:28:23 | 000,000,276 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\System Uptime Full Plus_Settings.ini
[2012/03/07 19:04:55 | 000,045,270 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\room_v3.dat
[2012/02/11 23:31:12 | 000,005,632 | ---- | C] () -- C:\Users\Pepik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/29 19:36:43 | 000,007,605 | ---- | C] () -- C:\Users\Pepik\AppData\Local\Resmon.ResmonCfg
[2011/11/09 15:37:07 | 000,017,212 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\UserTile.png

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/25 19:00:11 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\.minecraft
[2013/09/21 17:02:28 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\.technic
[2012/08/05 18:06:57 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Acoustica
[2012/02/05 11:50:29 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ashampoo
[2013/02/01 16:34:06 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Audacity
[2013/10/23 14:48:07 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\AVAST Software
[2012/02/24 14:55:38 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Avnex
[2013/01/20 17:30:17 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\BANDISOFT
[2013/09/19 17:27:24 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\bin
[2014/05/01 19:24:52 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\BitTorrent
[2013/09/19 17:25:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\cache
[2012/02/12 15:55:58 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/09/19 17:30:14 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\config
[2013/09/19 17:27:24 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\coremods
[2014/05/01 19:24:55 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DAEMON Tools Lite
[2012/06/22 20:23:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2013/09/12 15:46:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DesktopIconGoodgame
[2012/04/28 10:05:17 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Dropbox
[2013/08/26 16:40:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\FlvtoConverter
[2013/03/17 18:40:14 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Freecorder 7 Video
[2013/08/04 11:35:44 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\ftblauncher
[2013/03/19 16:58:43 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\GarenaPlus
[2012/01/12 18:05:09 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Hardcore
[2011/11/14 00:09:39 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\ICQ
[2012/08/05 18:07:58 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Image-Line
[2012/05/05 08:17:05 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\IObit
[2011/12/28 19:21:55 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\IrfanView
[2012/07/01 19:11:40 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Leadertech
[2013/09/19 17:28:12 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\lib
[2012/05/05 17:30:01 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\LolClient
[2012/06/09 18:40:32 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\LolClient2
[2013/07/30 20:30:16 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\MKKE
[2013/09/19 17:28:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\mods
[2012/02/03 09:46:56 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Need for Speed World
[2013/11/07 17:53:15 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Nordic Games
[2011/11/09 14:56:34 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Opera
[2012/07/30 21:51:22 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\PC Suite
[2012/03/21 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Publish Providers
[2013/09/20 16:06:50 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\resources
[2013/05/05 20:27:00 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Samsung
[2013/09/21 08:42:29 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\saves
[2013/09/12 15:46:56 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Seznam.cz
[2013/03/17 18:01:43 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\SimilarWeb
[2013/08/23 16:52:12 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\skyz
[2013/11/15 16:58:42 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Softland
[2013/01/20 10:38:45 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Sony
[2013/09/21 08:50:27 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\stats
[2012/08/05 18:07:23 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\SynthMaker
[2013/09/19 17:27:01 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\temp
[2013/09/19 17:28:18 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\texturepacks
[2013/09/19 17:28:18 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\texturepacks-mp-cache
[2014/02/14 21:51:26 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\TS3Client
[2012/06/22 20:04:28 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ubisoft
[2013/08/05 14:54:13 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ulozto File Manager
[2012/03/07 20:05:40 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Unity
[2012/10/21 08:09:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\uTorrent
[2012/06/05 15:46:46 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\wargaming.net
[2013/02/27 16:58:10 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\WebcamMax

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,592 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/07/31 17:35:43 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000Core.job
[2012/07/31 17:35:43 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000UA.job
[2013/03/16 21:15:39 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000Core.job
[2013/03/16 21:15:39 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000UA.job
[2013/06/19 15:05:26 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/06/19 15:05:27 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014/05/01 19:19:10 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[toox]

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012/06/02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012/04/24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012/06/04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012/06/02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012/06/02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010/11/21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/04/24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2010/04/13 03:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\OEM\Preload\Autorun\DRV\Intel AHCI\f6flpy-x64\iaStor.sys
[2010/04/13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/04/13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_d085c8f0cb5c2856\iaStor.sys
[2010/04/13 03:35:20 | 000,435,736 | ---- | M] (Intel Corporation) MD5=E11ED9B1EA60E747655E1090C7509D08 -- C:\OEM\Preload\Autorun\DRV\Intel AHCI\f6flpy-x86\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012/06/04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013/01/04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011/03/19 09:45:16 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011/03/19 09:39:54 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[59 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/01/25 19:00:11 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\.minecraft
[2013/09/21 17:02:28 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\.technic
[2012/08/05 18:06:57 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Acoustica
[2013/04/03 19:45:33 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Adobe
[2012/02/05 11:50:29 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ashampoo
[2013/02/01 16:34:06 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Audacity
[2013/10/23 14:48:07 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\AVAST Software
[2012/02/24 14:55:38 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Avnex
[2013/01/20 17:30:17 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\BANDISOFT
[2013/09/19 17:27:24 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\bin
[2014/05/01 19:24:52 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\BitTorrent
[2013/09/19 17:25:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\cache
[2012/02/12 15:55:58 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/09/19 17:30:14 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\config
[2013/09/19 17:27:24 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\coremods
[2011/11/09 15:22:01 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\CyberLink
[2014/05/01 19:24:55 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DAEMON Tools Lite
[2012/06/22 20:23:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2013/09/12 15:46:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DesktopIconGoodgame
[2012/04/28 10:05:17 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Dropbox
[2013/08/26 16:40:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\FlvtoConverter
[2013/03/17 18:40:14 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Freecorder 7 Video
[2013/08/04 11:35:44 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\ftblauncher
[2013/03/19 16:58:43 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\GarenaPlus
[2011/11/09 15:24:44 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\GRETECH
[2011/12/27 12:39:25 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Hamachi
[2012/01/12 18:05:09 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Hardcore
[2011/11/14 00:09:39 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\ICQ
[2011/11/09 12:22:38 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Identities
[2012/08/05 18:07:58 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Image-Line
[2013/07/29 16:55:21 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\InstallShield
[2012/05/05 08:17:05 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\IObit
[2011/12/28 19:21:55 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\IrfanView
[2012/07/01 19:11:40 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Leadertech
[2013/09/19 17:28:12 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\lib
[2012/05/05 17:30:01 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\LolClient
[2012/06/09 18:40:32 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\LolClient2
[2011/11/09 12:23:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Macromedia
[2011/11/09 14:08:54 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Malwarebytes
[2010/11/21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Media Center Programs
[2012/12/16 12:14:51 | 000,000,000 | --SD | M] -- C:\Users\Pepik\AppData\Roaming\Microsoft
[2013/07/30 20:30:16 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\MKKE
[2013/09/19 17:28:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\mods
[2012/06/26 06:54:10 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Mozilla
[2012/02/03 09:46:56 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Need for Speed World
[2013/11/07 17:53:15 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Nordic Games
[2011/11/09 14:56:34 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Opera
[2012/07/30 21:51:22 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\PC Suite
[2012/03/21 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Publish Providers
[2013/09/20 16:06:50 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\resources
[2013/05/05 20:27:00 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Samsung
[2013/09/21 08:42:29 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\saves
[2012/07/02 08:06:28 | 000,000,000 | RH-D | M] -- C:\Users\Pepik\AppData\Roaming\SecuROM
[2013/09/12 15:46:56 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Seznam.cz
[2013/03/17 18:01:43 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\SimilarWeb
[2014/05/08 10:33:42 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Skype
[2013/08/23 16:52:12 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\skyz
[2013/11/15 16:58:42 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Softland
[2013/01/20 10:38:45 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Sony
[2013/09/21 08:50:27 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\stats
[2012/08/05 18:07:23 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\SynthMaker
[2013/09/19 17:27:01 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\temp
[2013/09/19 17:28:18 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\texturepacks
[2013/09/19 17:28:18 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\texturepacks-mp-cache
[2014/02/14 21:51:26 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\TS3Client
[2012/06/22 20:04:28 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ubisoft
[2013/08/05 14:54:13 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ulozto File Manager
[2012/03/07 20:05:40 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Unity
[2012/10/21 08:09:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\uTorrent
[2012/06/05 15:46:46 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\wargaming.net
[2013/02/27 16:58:10 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\WebcamMax
[2011/11/09 14:54:54 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2007/03/22 12:46:42 | 000,126,976 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2012/08/29 19:47:51 | 000,010,134 | R--- | M] () -- C:\Users\Pepik\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2013/07/23 14:48:55 | 000,010,134 | R--- | M] () -- C:\Users\Pepik\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013/05/16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Seznam.cz\szninstall.exe
[2013/05/16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013/04/16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2013/04/12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013/04/12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013/01/30 12:22:00 | 000,237,568 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\SimilarWeb\chromeResetSimilarWeb.exe
[2013/01/28 12:49:54 | 000,216,752 | ---- | M] (SimilarWeb) -- C:\Users\Pepik\AppData\Roaming\SimilarWeb\SimilarWeb.exe
[2013/01/30 11:10:34 | 000,633,344 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\SimilarWeb\similarwebuid.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2013/02/02 05:42:27 | 009,738,240 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2011/11/09 12:26:55 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2013/02/02 05:42:27 | 009,738,240 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2011/11/09 12:26:55 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/05/08 08:31:19 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2014/05/08 09:51:53 | 000,214,520 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe
[2014/05/08 09:51:53 | 000,214,520 | ---- | M] () -- C:\Windows\system32\PnkBstrB.xtr

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Pepik\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012/07/31 17:35:40 | 000,116,648 | ---- | M] (Google Inc.)
"Clownfish" =
"AutoStartNPSAgent" = C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe -- [2009/04/02 18:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.)
"Pando Media Booster" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe -- [2013/11/30 14:34:58 | 003,093,624 | ---- | M] ()

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/05/08 10:29:24 | 000,000,512 | ---- | M] () MD5=3F58D39B7C1976147E6B5268BF809B05 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2003/12/05 14:52:40 | 000,000,796 | ---- | M] () -- \Gta san andreas\data\Decision\Craig\crack1.ped
[2005/07/07 21:22:11 | 000,000,100 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\Concrete\prodwllecracked.vmt
[2005/07/07 21:22:12 | 000,174,968 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\Concrete\prodwllecracked.vtf
[2005/12/02 21:04:47 | 000,000,574 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\Glass\glasswindow018a_cracked.vmt
[2005/12/02 21:04:47 | 000,022,064 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\Glass\glasswindow018a_cracked.vtf
[2005/12/02 21:04:47 | 000,000,574 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\hl2\materials\glass\glasswindow018a_cracked.vmt
[2005/12/02 21:04:47 | 000,022,064 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\hl2\materials\glass\glasswindow018a_cracked.vtf
[2002/05/30 18:16:22 | 000,013,160 | ---- | M] () -- \Program Files (x86)\Firefly Studios\Stronghold Crusader\gm\cracks.gm1
[2008/09/08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch
[2007/03/20 17:58:32 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2007/03/20 17:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2007/03/20 17:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2007/03/20 17:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2007/03/20 17:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2007/03/20 17:58:32 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2007/03/20 17:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2007/03/20 17:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2007/03/20 17:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2007/03/20 17:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2007/03/20 17:58:32 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2006/07/09 19:42:40 | 000,049,206 | ---- | M] () -- \Program Files\Mafia\Modern Mod 2.0_maps\mazda_mx5_crackedglass128a.bmp
[2006/03/01 01:00:00 | 000,069,598 | ---- | M] () -- \Program Files\The Stalin Subway\MODELS\DYNAMIC\SO\lampa_03_crack.msh
[2006/03/01 01:00:00 | 000,069,162 | ---- | M] () -- \Program Files\The Stalin Subway\MODELS\STATIC\L16\lampa_03_crack.msh
[2006/03/01 01:00:00 | 000,069,598 | ---- | M] () -- \Program Files\The Stalin Subway\MODELS\STATIC\SO\lampa_03_crack.msh
[2006/03/01 01:00:00 | 000,011,480 | ---- | M] () -- \Program Files\The Stalin Subway\SOUNDS\Ambient\L2_Stroyka\CONSTRUCTION_NOISE\CRACK_01_S_01.wav
[2006/03/01 01:00:00 | 000,028,824 | ---- | M] () -- \Program Files\The Stalin Subway\SOUNDS\Ambient\L2_Stroyka\CONSTRUCTION_NOISE\CRACK_01_S_02.wav
[2006/03/01 01:00:00 | 000,017,560 | ---- | M] () -- \Program Files\The Stalin Subway\SOUNDS\Ambient\L2_Stroyka\CONSTRUCTION_NOISE\CRACK_01_S_03.wav
[2013/06/23 11:47:03 | 000,008,768 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_crack.dobrodruh.net_0.localstorage-journal
[2013/05/28 19:46:50 | 000,009,800 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_crackeroo.kan.su_0.localstorage-journal
[2013/02/04 18:47:23 | 000,009,800 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_password-cracker.en.softonic.com_0.localstorage-journal
[2014/05/05 19:36:29 | 000,003,072 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.7-cracker.com_0.localstorage
[2014/05/05 19:36:29 | 000,003,608 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.7-cracker.com_0.localstorage-journal
[2012/12/14 20:15:10 | 000,003,608 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.onlinehashcrack.com_0.localstorage-journal
[2012/11/06 08:15:24 | 000,013,443 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\Battlefield 1942 + Expansions + CD Crack + Keygens [Swaffy].torrent
[2012/11/22 08:18:35 | 000,018,258 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\F1.2011.PC.[crack+keygen].2011.torrent
[2013/01/04 18:31:22 | 000,010,768 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\WWE '12 [PC] Full Game (cracked).rar.torrent
[2013/08/03 13:17:41 | 000,001,062 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ftblauncher\ModPacks\MindCrack\logo_minecrack.png
[2013/08/03 13:17:41 | 000,008,681 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ftblauncher\ModPacks\MindCrack\mindcrack_splash.png
[2002/05/30 18:16:22 | 000,013,160 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\Stronghold Crusader\gm\cracks.gm1
[2005/12/23 16:51:00 | 000,049,206 | ---- | M] () -- \Users\Pepik\Desktop\Hry\Mafia 1 – Plna Verze Hry – CZ\Mafia\maps\crackedglass128a.bmp
[2005/12/23 17:51:00 | 000,049,206 | ---- | M] () -- \Users\Pepik\Desktop\Hry\Mafia 1 – Plna Verze Hry – CZ\maps\crackedglass128a.bmp

[toox]

< *keygen* /s >
[2012/11/06 08:15:24 | 000,013,443 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\Battlefield 1942 + Expansions + CD Crack + Keygens [Swaffy].torrent
[2012/11/22 08:18:35 | 000,018,258 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\F1.2011.PC.[crack+keygen].2011.torrent
[2013/01/20 10:31:18 | 000,017,067 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\Sony Vegas Pro 11.0.370 64 bit patch keygen huoyuan.torrent
[2006/07/11 18:01:56 | 000,066,048 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\Ostatní\Camstasia\camtasia byminim0xa\KeyGen.exe

< *AntiWPA* /s >

< *loader* /s >
[2014/04/13 20:48:11 | 000,121,344 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh\1.0.0_0\npFreemakeYoutubeDownloader.dll.vir
[2013/08/15 16:42:19 | 000,000,522 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.6_0\images\loader.gif.vir
[2013/05/28 19:15:59 | 000,000,906 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com\FTDownloader.lnk.vir
[2003/09/15 15:02:00 | 000,169,384 | ---- | M] () -- \Gry\Counter-Strike 1.6\cstrike\models\qloader.mdl
[2003/09/15 14:55:50 | 000,352,548 | ---- | M] () -- \Gry\Counter-Strike 1.6\valve\models\loader.mdl
[2003/09/15 14:56:04 | 000,012,764 | ---- | M] () -- \Gry\Counter-Strike 1.6\valve\sound\ambience\loader_hydra1.wav
[2003/09/15 14:56:04 | 000,012,164 | ---- | M] () -- \Gry\Counter-Strike 1.6\valve\sound\ambience\loader_step1.wav
[2011/07/05 00:29:56 | 000,124,200 | ---- | M] () -- \Program Files (x86)\Acer\Acer Crystal Eye Webcam\Koan\pyloader.dll
[2013/01/08 17:05:34 | 003,298,024 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012/03/13 11:41:34 | 000,000,860 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012/03/13 11:41:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012/03/13 11:42:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012/03/13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012/03/13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012/03/13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012/03/13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012/03/13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012/03/13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012/03/13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012/03/13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012/03/13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012/03/13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012/03/13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012/03/13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012/03/13 11:42:06 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012/03/13 11:42:06 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012/02/23 00:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012/02/23 00:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012/02/23 00:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2012/10/26 13:44:29 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006/10/26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/04/29 10:53:44 | 000,011,917 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2012/03/27 17:16:02 | 000,014,336 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.Detector.dll
[2012/03/27 17:16:02 | 000,006,656 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.GlobalSettings.dll
[2012/03/27 17:16:02 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.HtmlParser.dll
[2012/03/27 17:16:02 | 000,036,352 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.Interface.dll
[2012/03/27 17:16:02 | 000,017,408 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.Miscellaneous.dll
[2012/03/27 17:16:00 | 000,048,640 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.SmartDownloader.Core.dll
[2012/03/27 17:16:02 | 000,159,744 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.SmartDownloader.Extensions.dll
[2012/03/27 17:16:02 | 000,018,944 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.Subtitles.dll
[2012/03/27 17:16:02 | 000,079,360 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.SupportedSite.dll
[2012/03/27 17:16:02 | 000,018,944 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.TrackDownloaderLib.dll
[2012/03/27 17:16:02 | 000,003,584 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloaderDeploy.dll
[2011/03/16 13:12:40 | 000,034,304 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Uploader\FMYouTubeUploader.dll
[2014/03/12 04:05:08 | 002,089,024 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe
[2014/02/03 05:14:10 | 000,007,379 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\downloader.js
[2014/02/03 05:14:10 | 000,000,402 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\downloader.xul
[2014/03/12 04:04:58 | 000,089,664 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll
[2014/02/03 05:21:00 | 000,015,511 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2014/02/03 05:21:00 | 000,064,651 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2014/02/03 05:21:00 | 000,064,719 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2014/03/12 04:03:44 | 000,043,008 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\DownloaderCommon.dll
[2014/03/12 04:00:56 | 000,020,992 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Detector.dll
[2014/03/12 03:54:38 | 000,008,192 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.GlobalSettings.dll
[2014/03/12 04:00:58 | 000,014,336 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.HtmlParser.dll
[2014/03/12 04:00:50 | 000,045,568 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Interface.dll
[2014/03/12 03:54:40 | 000,020,480 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Miscellaneous.dll
[2014/03/12 04:00:52 | 000,066,048 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SmartDownloader.Core.dll
[2014/03/12 04:00:54 | 000,158,720 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SmartDownloader.Extensions.dll
[2014/03/12 04:00:58 | 000,145,920 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SupportedSite.dll
[2014/03/12 04:00:52 | 000,019,456 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.TrackDownloaderLib.dll
[2014/03/12 04:03:52 | 000,241,664 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\VideoDownloader.Model.dll
[2014/03/12 04:01:02 | 000,018,944 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\VideoDownloader.Tools.dll
[2014/03/12 04:04:00 | 000,010,752 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\cs\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:00 | 000,010,752 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\da\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:00 | 000,016,384 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\de-DE\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:00 | 000,013,312 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\el-GR\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:00 | 000,016,384 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\es-ES\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:00 | 000,016,384 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\fr-FR\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\hu\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,015,872 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\it\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,017,920 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\ja-JP\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\nl\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\pl\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,015,872 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\pt-BR\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:04 | 000,019,456 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\ru-RU\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\sk\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,012,800 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\uk\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,011,776 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\vi\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,010,240 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\zh-CN\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:04 | 000,010,240 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\zh-TW\FreemakeVideoDownloader.resources.dll
[2002/08/18 22:14:40 | 000,348,160 | ---- | M] () -- \Program Files (x86)\GameSpy Arcade\Services\_common\PortraitLoader.dll
[2013/02/07 11:11:16 | 000,051,504 | ---- | M] () -- \Program Files (x86)\Garena Plus\FileLoader.dll
[2013/02/07 11:11:18 | 002,941,232 | ---- | M] () -- \Program Files (x86)\Garena Plus\ggdownloader.dll
[2013/02/07 08:58:36 | 000,256,816 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\GarenaTalkLoader.exe
[2009/03/31 09:23:58 | 000,289,280 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung New PC Studio\NPSAndroidDownloader.dll
[2009/03/12 09:31:22 | 000,285,184 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung New PC Studio\NPSLinuxMitsDownloader.dll
[2009/03/31 09:39:20 | 000,208,896 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung New PC Studio\Symbian_Downloader_DLL.dll
[2009/04/02 18:03:40 | 000,258,048 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader.dll
[2008/11/25 16:52:24 | 000,266,240 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader2.dll
[2005/06/26 13:10:02 | 000,001,172 | ---- | M] () -- \Program Files (x86)\Sanny Builder 3\tools\CLEO3\ASI_loader_ ReadMe.txt
[2009/02/22 03:34:22 | 003,217,920 | ---- | M] () -- \Program Files (x86)\WWE RAW - Ultimate Impact\LOADER.exe
[2013/01/08 17:26:28 | 003,298,024 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012/03/13 11:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012/03/13 11:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012/03/13 11:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012/03/13 11:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007/03/16 16:56:16 | 000,019,968 | ---- | M] () -- \Program Files\Bus Driver\lib\loaders.dll
[2011/05/28 23:04:04 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2014/02/03 05:21:00 | 000,015,511 | ---- | M] () -- \ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2014/02/03 05:21:00 | 000,064,651 | ---- | M] () -- \ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2014/02/03 05:21:00 | 000,064,719 | ---- | M] () -- \ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2014/04/13 15:58:55 | 000,001,318 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk
[2013/01/30 19:18:06 | 000,000,072 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader Help.url
[2013/01/30 19:18:06 | 000,001,920 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2010/11/02 12:36:12 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\rads\projects\lol_air_client\releases\0.0.1.83\deploy\assets\storeImages\layout\small_loader.gif
[2012/10/19 21:13:27 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\rads\projects\lol_air_client\releases\0.0.1.83\deploy\assets\storeImages\layout\OldImages\small_loader.gif
[2013/07/24 14:23:36 | 000,001,415 | ---- | M] () -- \Riot Games\League of Legends\rads\projects\lol_air_client\releases\0.0.1.83\deploy\mod\cfct\assets\FeaturedContentLoaderAssets.swf
[2014/02/03 05:21:00 | 000,015,511 | ---- | M] () -- \Users\All Users\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2014/02/03 05:21:00 | 000,064,651 | ---- | M] () -- \Users\All Users\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2014/02/03 05:21:00 | 000,064,719 | ---- | M] () -- \Users\All Users\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2014/04/13 15:58:55 | 000,001,318 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk
[2013/01/30 19:18:06 | 000,000,072 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader Help.url
[2013/01/30 19:18:06 | 000,001,920 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2013/11/08 10:35:06 | 000,474,688 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe
[2013/11/05 13:30:58 | 000,004,322 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe.config
[2013/12/21 18:52:57 | 000,146,566 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\UninstallFlvtoYoutubeDownloader.exe
[2013/11/08 10:35:02 | 000,019,520 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\de-DE\FlvtoYoutubeDownloader.resources.dll
[2013/11/08 10:35:02 | 000,018,496 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\en-US\FlvtoYoutubeDownloader.resources.dll
[2013/11/08 10:35:06 | 000,017,248 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\it-IT\FlvtoYoutubeDownloader.resources.dll
[2013/11/08 10:35:08 | 000,019,520 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\pt-PT\FlvtoYoutubeDownloader.resources.dll
[2013/09/13 19:02:54 | 000,009,216 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_downloader.zex.cz_0.localstorage
[2013/09/13 19:02:54 | 000,009,800 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_downloader.zex.cz_0.localstorage-journal
[2013/06/24 15:15:39 | 000,009,800 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_flvto-youtube-downloader.en.softonic.com_0.localstorage-journal
[2013/01/30 20:35:15 | 000,003,608 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lp.downloaderprowx.info_0.localstorage-journal
[2013/07/26 21:32:56 | 000,003,072 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lp.ncdownloader.com_0.localstorage
[2013/07/26 21:32:56 | 000,003,608 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lp.ncdownloader.com_0.localstorage-journal
[2014/04/07 16:23:02 | 000,003,072 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.picturedownloader.net_0.localstorage
[2014/04/07 16:23:02 | 000,003,608 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.picturedownloader.net_0.localstorage-journal
[2012/12/28 20:35:03 | 000,008,768 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtubedownloadersite.com_0.localstorage-journal
[2012/11/12 21:50:56 | 000,000,121 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\UQD3K2VR\de-castaclip.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2014/05/02 13:32:34 | 000,001,870 | ---- | M] () -- \Users\Pepik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1C5UAVRD\AdLoader[1].htm
[2014/05/02 13:32:32 | 000,112,122 | ---- | M] () -- \Users\Pepik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CU9IZLA9\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014/05/02 13:32:32 | 000,001,870 | ---- | M] () -- \Users\Pepik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W0D69EUD\AdLoader[1].htm
[2012/12/15 20:58:43 | 000,000,749 | ---- | M] () -- \Users\Pepik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.youtubedownloadersite.com%2Ffavicon.png
[2014/01/28 20:35:56 | 000,072,638 | ---- | M] () -- \Users\Pepik\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/01/28 20:35:56 | 000,003,032 | ---- | M] () -- \Users\Pepik\AppData\Local\Skype\Apps\login\images\loader.png
[2014/01/28 20:35:56 | 000,006,012 | ---- | M] () -- \Users\Pepik\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/01/28 20:35:56 | 000,021,956 | ---- | M] () -- \Users\Pepik\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/01/28 20:35:56 | 000,009,772 | ---- | M] () -- \Users\Pepik\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014/04/13 15:58:30 | 014,505,856 | ---- | M] () -- \Users\Pepik\AppData\Local\Temp\FreemakeVideoDownloader_3.6.4.1.exe
[291 \Users\Pepik\AppData\Local\Temp\*.tmp files -> \Users\Pepik\AppData\Local\Temp\*.tmp -> ]
[2014/02/11 20:14:58 | 000,010,819 | ---- | M] () -- \Users\Pepik\AppData\Local\Temp\ish1038873\images\Loader.gif
[2014/04/13 15:57:03 | 001,308,432 | ---- | M] () -- \Users\Pepik\AppData\Local\Temp\is-MKKC3.tmp\FreemakeVideoDownloaderSetup.exe
[2013/09/21 08:50:28 | 000,094,699 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ForgeModLoader-client-0.log
[2013/09/21 08:42:03 | 000,000,000 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ForgeModLoader-client-0.log.lck
[2013/09/21 08:37:32 | 000,075,364 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ForgeModLoader-client-1.log
[2013/09/20 21:07:42 | 000,092,507 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ForgeModLoader-client-2.log
[2014/04/04 16:02:13 | 000,014,619 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\lapitos-galacticraft\ForgeModLoader-client-0.log
[2014/04/04 16:01:45 | 000,000,000 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\lapitos-galacticraft\ForgeModLoader-client-0.log.lck
[2014/04/01 17:53:48 | 000,014,995 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\lapitos-galacticraft\ForgeModLoader-client-1.log
[2013/09/21 17:19:43 | 000,010,251 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\lapitos-galacticraft\ForgeModLoader-client-2.log
[2013/09/17 16:56:46 | 000,061,304 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\tekkit\ForgeModLoader-0.log
[2013/09/15 09:25:46 | 000,061,304 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\tekkit\ForgeModLoader-1.log
[2013/09/15 09:24:50 | 000,061,304 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\tekkit\ForgeModLoader-2.log
[2012/04/23 20:31:42 | 000,001,980 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\tekkit\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2013/10/10 17:06:06 | 000,394,819 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\tekkitlite\ForgeModLoader-client-0.log
[2013/10/10 17:00:07 | 000,000,000 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\tekkitlite\ForgeModLoader-client-0.log.lck
[2013/09/17 17:07:38 | 000,397,824 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\tekkitlite\ForgeModLoader-client-1.log
[2014/04/04 16:07:27 | 000,511,961 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\tekkitmain\ForgeModLoader-client-0.log
[2014/04/04 16:02:52 | 000,000,000 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\tekkitmain\ForgeModLoader-client-0.log.lck
[2013/09/09 11:34:28 | 000,514,667 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\tekkitmain\ForgeModLoader-client-1.log
[2013/09/09 11:30:32 | 000,153,713 | ---- | M] () -- \Users\Pepik\AppData\Roaming\.technic\tekkitmain\ForgeModLoader-client-2.log
[2013/12/21 18:52:57 | 000,002,176 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Flvto Youtube Downloader.lnk
[2013/12/21 18:52:57 | 000,002,190 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader\Flvto Youtube Downloader.lnk
[2013/12/21 18:52:57 | 000,001,377 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader\Uninstall Flvto Youtube Downloader.lnk
[2014/04/13 15:58:55 | 000,001,405 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Downloader.lnk
[2013/04/11 17:54:38 | 000,197,614 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\ftdownloader3@ftdownloader.com.xpi
[2013/03/25 15:00:00 | 000,006,418 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\gophoto@gophoto.it\resources\addon-sdk\lib\sdk\content\loader.js
[2013/03/25 15:00:00 | 000,002,446 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\gophoto@gophoto.it\resources\addon-sdk\lib\sdk\l10n\loader.js
[2013/03/25 15:00:00 | 000,003,942 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\gophoto@gophoto.it\resources\addon-sdk\lib\sdk\windows\loader.js
[2013/03/25 15:00:00 | 000,017,838 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\gophoto@gophoto.it\resources\addon-sdk\lib\toolkit\loader.js
[2012/06/17 15:30:32 | 000,000,522 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\gophoto@gophoto.it\resources\gophotoit\data\loader.gif
[2013/03/29 13:37:34 | 000,059,384 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Seznam.cz\bin\4994libfoxloader.dll
[2013/09/12 15:46:53 | 000,000,164 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013/02/19 12:07:28 | 000,030,608 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013/03/25 16:27:20 | 000,000,665 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013/03/25 16:27:26 | 000,000,117 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2013/08/23 16:52:12 | 000,200,377 | ---- | M] () -- \Users\Pepik\AppData\Roaming\skyz\mod_prerequisites\ModLoader1.5.2.zip
[2013/09/24 15:59:38 | 000,000,421 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Unity\WebPlayerPrefs\cdn_5ftx3_2egalapagosgames_2ecom\prefunity-scenes-loader_2eunity3d.upp
[2013/12/21 18:52:57 | 000,002,176 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\Flvto Youtube Downloader.lnk
[2013/06/24 15:16:15 | 000,631,704 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\FlvtoYoutubeDownloader.exe
[2013/01/30 19:18:06 | 000,001,014 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\YTD Video Downloader.lnk
[2011/12/27 12:27:32 | 000,001,090 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\Programy\YouTube Downloader.lnk
[2014/04/25 17:47:09 | 000,010,272 | ---- | M] () -- \Users\Pepik\Documents\Freemake\FreemakeVideoDownloader\Persistent\DownloaderPersistentList.xml
[2014/04/13 15:58:55 | 000,001,300 | ---- | M] () -- \Users\Public\Desktop\Freemake Video Downloader.lnk
[2012/10/26 13:30:30 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enGB-tools-downloader.exe
[2012/10/26 13:36:39 | 000,003,592 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2006/09/28 14:55:34 | 000,053,248 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2013/12/05 09:32:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2007/04/30 16:43:12 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2006/09/28 14:55:34 | 000,053,248 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[2013/12/05 09:32:02 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2007/04/30 16:43:12 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/10/09 18:35:18 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011/10/09 18:35:18 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011/10/09 18:35:18 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011/10/09 18:35:18 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011/10/09 18:35:18 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011/07/20 09:04:28 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/07/20 09:04:28 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/07/20 09:04:28 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/07/20 09:04:28 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/07/20 09:04:28 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/10/09 18:31:57 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010/11/21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2011/05/30 05:03:11 | 000,000,750 | ---- | M] () -- \OEM\Preload\Autorun\APP\clear.fi v1.0\PCinema\Config\CopyRightNoDTS.ini
[2012/11/16 18:36:10 | 001,331,126 | ---- | M] () -- \Program Files (x86)\Zemi Interactive\4StoryUS\Node\TNODE00000506.pnd
[2012/11/16 18:36:11 | 001,316,090 | ---- | M] () -- \Program Files (x86)\Zemi Interactive\4StoryUS\Node\TNODE02BF0000.pnd

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2007/10/30 21:10:05 | 000,200,704 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\bin\dmserializers.dll
[2003/10/09 07:11:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Sytrus\Artwork\DelSerialCache.bmp
[2013/05/13 15:14:36 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013/09/24 19:36:30 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/10/09 18:34:51 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012/12/24 21:01:18 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\wanted5733\team fortress 2\bin\dmserializers.dll
[2013/05/13 17:04:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013/09/24 19:37:07 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/10/09 18:34:51 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011/09/27 14:50:16 | 000,320,856 | ---- | M] () -- \Program Files\Sony\Vegas Pro 11.0\CoreUI.XmlSerializers.dll
[2011/09/27 14:50:22 | 000,460,120 | ---- | M] () -- \Program Files\Sony\Vegas Pro 11.0\Sony.MediaSoftware.TextGen.CoreGraphics.XmlSerializers.dll
[2013/07/22 20:00:10 | 000,003,072 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ceskyserialy.cz_0.localstorage
[2013/07/22 20:00:10 | 000,003,608 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ceskyserialy.cz_0.localstorage-journal
[2012/12/16 11:51:01 | 000,009,800 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_filmy-serialy.eu_0.localstorage-journal
[2013/08/23 08:39:23 | 000,009,216 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hannah-montana.serialykestazeni.cz_0.localstorage
[2013/08/23 08:39:23 | 000,009,800 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hannah-montana.serialykestazeni.cz_0.localstorage-journal
[2013/06/22 23:18:10 | 000,008,768 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_krimiserialy.juk.cz_0.localstorage-journal
[2012/11/24 14:01:10 | 000,008,768 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_krok-za-krokem.serialykestazeni.cz_0.localstorage-journal
[2013/05/24 14:30:13 | 000,009,800 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_serialnumber.in_0.localstorage-journal
[2013/08/23 08:32:22 | 000,009,216 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_serialy.kinotip.cz_0.localstorage
[2013/08/23 08:32:22 | 000,009,800 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_serialy.kinotip.cz_0.localstorage-journal
[2014/02/02 20:18:04 | 000,003,072 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.filmy-serialy-online.sk_0.localstorage
[2014/02/02 20:18:04 | 000,003,608 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.filmy-serialy-online.sk_0.localstorage-journal
[2012/12/16 11:45:53 | 000,003,608 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.filmy-serialy.eu_0.localstorage-journal
[2013/08/24 21:02:22 | 000,009,216 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialovalista.cz_0.localstorage
[2013/08/24 21:02:22 | 000,009,800 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialovalista.cz_0.localstorage-journal
[2014/03/15 19:44:10 | 000,009,216 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage
[2014/03/15 19:44:10 | 000,009,800 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2013/08/05 14:24:46 | 000,003,072 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage
[2013/08/05 14:24:46 | 000,003,608 | ---- | M] () -- \Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage-journal
[2012/08/12 20:20:17 | 000,000,656 | ---- | M] () -- \Users\Pepik\Desktop\Hry\Mafia 1 – Plna Verze Hry – CZ\TABLES\MENU\multiset_serial.mnu
[2011/10/09 18:34:41 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/01/11 16:30:52 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013/01/11 16:29:42 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/11 16:31:23 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013/01/11 16:25:50 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/11 18:38:23 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/11 18:38:18 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013/01/11 18:40:15 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2013/01/11 18:47:25 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a3a3ccd41789ba4eb01f51db6c508222\System.Runtime.Serialization.ni.dll
[2013/01/11 18:47:34 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/11 18:50:38 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2011/11/11 13:51:43 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/02/15 18:43:17 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011/11/11 13:51:42 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013/02/15 18:43:15 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/02/15 18:43:25 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011/10/09 18:34:43 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010/06/15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/06/15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011/10/09 18:34:40 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010/06/15 03:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/06/15 03:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011/10/09 18:34:34 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011/10/09 18:34:34 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011/10/09 18:34:40 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011/10/09 18:34:43 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009/07/14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011/10/09 18:34:51 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011/10/09 18:34:45 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011/07/20 09:04:28 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/07/20 09:04:28 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011/10/09 18:35:18 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009/07/14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011/10/09 18:35:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009/07/14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011/10/09 18:33:25 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012/10/05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012/10/05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010/11/21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011/10/09 18:34:41 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011/10/09 18:34:51 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010/11/13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010/11/13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011/10/09 18:34:43 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011/10/09 18:34:34 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011/10/09 18:34:51 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010/11/21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Files - Unicode (All) ==========
[2013/07/27 20:36:57 | 125,771,767 | ---- | M] ()(C:\Users\Pepik\Documents\?Deutscher Rap? German Hip Hop 2012 ?HipHop aus Deutschland?.mp4) -- C:\Users\Pepik\Documents\【Deutscher Rap】 German Hip Hop 2012 【HipHop aus Deutschland】.mp4
[2013/07/27 20:33:32 | 125,771,767 | ---- | C] ()(C:\Users\Pepik\Documents\?Deutscher Rap? German Hip Hop 2012 ?HipHop aus Deutschland?.mp4) -- C:\Users\Pepik\Documents\【Deutscher Rap】 German Hip Hop 2012 【HipHop aus Deutschland】.mp4

========== Alternate Data Streams ==========

@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD

< End of report >

[Márty84]

Najdete tento soubor C:\Windows\syswow64\GameMon.des a otestujte ho na virustotal a jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Vysledky sem zkopirujte, nebo dejte odkaz.



Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem
SwitchBoard

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000UA.job
C:\Program Files (x86)\AskPartnerNetwork

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtDtAtByD0D0C0AyEtBtDtN0D0Tzu0CyDtCyEtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=1737495951&ir=
IE:64bit: - HKLM\..\SearchScopes\{7603420F-1940-B9EF-2221-3F9F755D2323}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll (SimilarGroup)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{38FD2F15-E806-4BB6-9A9E-6F8C8734AEFE: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtDtAtByD0D0C0AyEtBtDtN0D0Tzu0CyDtCyEtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=1737495951&ir=
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.search.us.com/v/2/?guid={DD0BAC90-4337-4EEF-8A03-61FB5BB5F831}&serpv=5
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\URLSearchHook: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll (SimilarGroup)
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{38FD2F15-E806-4BB6-9A9E-6F8C8734AEFE: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtDtAtByD0D0C0AyEtBtDtN0D0Tzu0CyDtCyEtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=1737495951&ir=
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{38FD2F15-E806-4BB6-9A9E-6F8C8734AEFE}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3225826
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{451048B7-4A2C-4AD8-95A6-9559F7591203}: "URL" = http://search.us.com/serp?guid={36E86B2F-A438-4376-9EA0-D3DA9F11149E}&action=default_search&serpv=5&k={searchTerms}
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{4AF75676-BE7D-4E32-995A-FBB252803C6B}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10513
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{74F8B4D5-9720-4FC3-8D1C-58BA96059FAC}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{BBEA5945-44C0-4616-9C22-57CC44BF2363}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10511
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{F2C30662-88C2-40FC-AF08-739702ACCA9B}: "URL" = http://start.funmoods.com/results.php?f=4&a=make&q={searchTerms}
FF - prefs.js..browser.startup.homepage: "http://start.search.us.com/v/2/?guid={DD0BAC90-4337-4EEF-8A03-61FB5BB5F831}&serpv=5"
FF - prefs.js..keyword.URL: "http://search.us.com/serp?guid={36E86B2F-A438-4376-9EA0-D3DA9F11149E}&action=default_search&serpv=5&k="
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@tightropeinteractive.com/Plugin: C:\Users\Pepik\AppData\Local\TNT2\2.0.0.1599\npTNT2.dll (Search.Us.com)
FF - HKCU\Software\MozillaPlugins\@tnt2ghost.com/Plugin: C:\Users\Pepik\AppData\Local\TNT2\2.0.0.1599\npTNT2ghost.dll (Search.Us.com)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
[2013/10/31 18:17:49 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Pepik\AppData\Roaming\mozilla\Firefox\Profiles\6icesh4i.default\extensions\toolbar_PTV-RG@apn.ask.com
[2014/03/27 14:47:55 | 000,557,187 | ---- | M] () (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\firefox\profiles\6icesh4i.default\extensions\toolbar_PTV-RG@apn.ask.com.xpi
File not found (No name found) -- C:\USERS\PEPIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ICESH4I.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
File not found (No name found) -- C:\USERS\PEPIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ICESH4I.DEFAULT\EXTENSIONS\{C9B68337-E93A-44EA-94DC-CB300EC06444}
File not found (No name found) -- C:\USERS\PEPIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ICESH4I.DEFAULT\EXTENSIONS\PLUGIN@YONTOO.COM.XPI
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - Extension: Search.us Home = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\alojkmcmnpkbagfnepailkeejeoebdkg\1.0.0.0_0\
CHR - Extension: Search.us Home = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\alojkmcmnpkbagfnepailkeejeoebdkg\1.0.0.0_0\
O3:64bit: - HKLM\..\Toolbar: (Ask Toolbar) - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PTV-RG\Passport_x64.dll" File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O15 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2012/05/05 08:17:05 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\IObit
@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5054562D-5247-006A-76A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5054562D-5247-006A-76A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5054562D-5247-006A-76A7-7A786E7484D7}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{74198672-5F7D-4FE9-A611-4AC1D5A66A15}"=-
"{5054562D-5247-006A-76A7-7A786E7484D7}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCInstallQueue"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"Clownfish"=-
"AutoStartNPSAgent"=-
"Pando Media Booster"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTV] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Finder] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^NHL® 09 Registration.lnk] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Assassin.LNK] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ubisoft register.lnk] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=-
"NPSStartup"=-
"Adobe ARM"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[toox]

http://virusscan.jotti.org/cs/scanresul ... c42a70b858
https://www.virustotal.com/cs/file/bc5d ... 399721487/

čistej

[Márty84]

OK, tak ted to OTL

[toox]

při každém testu system se zhroutí

[Márty84]

Zkuste to v nouzovem rezimu.



31.5. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975