Dobrý den,
chytnul jsem šmejda, který si říká SavePass 1.2 a myslím, že to není všechno. Prosím tedy o pomoc...
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by komik (administrator) on KOMIK-PC on 10-09-2014 15:44:19
Running from C:\Users\komik\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(OB) C:\Program Files (x86)\SavePass 1.1\05c9666f-c29f-452c-bff9-e23080ba959a.exe
() C:\Program Files (x86)\SavePass 1.1\fa2f651c-4632-4369-99d7-d5e88d0dd21e.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
() C:\Windows\System32\xgchabgnd.exe
(Dropbox, Inc.) C:\Users\komik\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(OB) C:\Program Files (x86)\SavePass 1.1\da7529be-833d-4d96-9f54-1347e91175bf-6.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\Shit\TaskManager_2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\komik\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4367808 2009-12-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [6988736 2009-12-17] (Lenovo (Beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [XeroxScanUtility] => C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe [2391296 2011-03-01] (Xerox Corporation)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => C:\Windows\system32\xgchabgnd.exe [146176 2011-03-01] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-04-02] (cyberlink)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QT Lite\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKU\S-1-5-21-602876395-1928980917-1894684931-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2009-11-15] (Alcohol Soft Development Team)
HKU\S-1-5-21-602876395-1928980917-1894684931-1000\...\MountPoints2: {e1df985a-e14f-11df-be72-c44619be145a} - F:\SETUP.EXE
Startup: C:\Users\komik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\komik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 2682bfa0d4
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
BHO: No Name -> {11111111-1111-1111-1111-110611341129} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {11111111-1111-1111-1111-110611341129} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.254
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll (Caminova, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-07]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/", "www.google.com"
CHR DefaultSearchKeyword: Default -> 739611C8ADA9140A0F92E122D003642F984F6409D4EF80F9E4230B9937579254
CHR DefaultSearchURL: Default -> 41651AB20AE2A45DB610E644941BB547C8BF9E1ADD6CF7BEFE9FAF6FEB1623B1
CHR Profile: C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-06-03]
CHR Extension: (Dokumenty Google) - C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-07]
CHR Extension: (Disk Google) - C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-07]
CHR Extension: (YouTube) - C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-07]
CHR Extension: (Vyhledávání Google) - C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-07]
CHR Extension: (AdBlock) - C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-28]
CHR Extension: (Rating Program Extension) - C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\imbankdmoclhcdmdejkklikkpaidaeij [2014-04-07]
CHR Extension: (Peněženka Google) - C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07]
CHR Extension: (Gmail) - C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-06] (AVAST Software)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-09] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-09] (globalUpdate) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-06] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-06] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-11-28] () [File not signed]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2010-04-02] (CyberLink Corp.)
U3 ag6h0q2c; C:\Windows\System32\Drivers\ag6h0q2c.sys [0 ] (Microsoft Corporation)
S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-10 15:44 - 2014-09-10 15:45 - 00017824 _____ () C:\Users\komik\Desktop\FRST.txt
2014-09-10 15:43 - 2014-09-10 15:44 - 00000000 ____D () C:\FRST
2014-09-10 15:42 - 2014-09-10 15:41 - 00112640 _____ (forum.viry.cz) C:\Users\komik\Desktop\FRSTLauncher.exe
2014-09-10 15:09 - 2014-09-10 15:02 - 02105856 _____ (Farbar) C:\Users\komik\Desktop\FRST64.exe
2014-09-09 18:17 - 2014-09-09 18:17 - 00000000 ____D () C:\Users\komik\AppData\Roaming\Media Freeware
2014-09-09 18:16 - 2014-09-10 12:16 - 00002428 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5_user.job
2014-09-09 18:16 - 2014-09-10 12:16 - 00002428 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5.job
2014-09-09 18:16 - 2014-09-09 18:16 - 00005458 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5
2014-09-09 18:15 - 2014-09-10 15:15 - 00003452 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-6.job
2014-09-09 18:15 - 2014-09-10 12:15 - 00003452 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-4.job
2014-09-09 18:15 - 2014-09-10 12:15 - 00003116 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-7.job
2014-09-09 18:15 - 2014-09-10 12:15 - 00002750 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-1.job
2014-09-09 18:15 - 2014-09-10 12:15 - 00002092 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-2.job
2014-09-09 18:15 - 2014-09-10 12:15 - 00001428 _____ () C:\Windows\Tasks\05c9666f-c29f-452c-bff9-e23080ba959a.job
2014-09-09 18:15 - 2014-09-09 18:15 - 00006482 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-4
2014-09-09 18:15 - 2014-09-09 18:15 - 00006480 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-6
2014-09-09 18:15 - 2014-09-09 18:15 - 00006146 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-7
2014-09-09 18:15 - 2014-09-09 18:15 - 00005780 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-1
2014-09-09 18:15 - 2014-09-09 18:15 - 00005122 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-2
2014-09-09 18:15 - 2014-09-09 18:15 - 00004458 _____ () C:\Windows\System32\Tasks\05c9666f-c29f-452c-bff9-e23080ba959a
2014-09-09 18:15 - 2014-09-09 18:15 - 00003882 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-09-09 18:14 - 2014-09-10 12:19 - 00000884 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-09-09 18:14 - 2014-09-10 12:15 - 00000612 _____ () C:\Windows\Tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e.job
2014-09-09 18:14 - 2014-09-10 12:14 - 00004478 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-11.job
2014-09-09 18:14 - 2014-09-10 07:31 - 00000880 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-09-09 18:14 - 2014-09-09 18:16 - 00000000 ____D () C:\Program Files (x86)\SavePass 1.1
2014-09-09 18:14 - 2014-09-09 18:15 - 00003638 _____ () C:\Windows\System32\Tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e
2014-09-09 18:14 - 2014-09-09 18:14 - 00007508 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-11
2014-09-09 18:14 - 2014-09-09 18:14 - 00003628 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-09-09 18:14 - 2014-09-09 18:14 - 00000000 ____D () C:\Users\komik\AppData\Local\globalUpdate
2014-09-09 18:14 - 2014-09-09 18:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-06 17:15 - 2014-09-06 17:42 - 00000000 ____D () C:\Users\komik\Desktop\Léto
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-10 15:45 - 2014-09-10 15:44 - 00017824 _____ () C:\Users\komik\Desktop\FRST.txt
2014-09-10 15:44 - 2014-09-10 15:43 - 00000000 ____D () C:\FRST
2014-09-10 15:41 - 2014-09-10 15:42 - 00112640 _____ (forum.viry.cz) C:\Users\komik\Desktop\FRSTLauncher.exe
2014-09-10 15:18 - 2014-04-07 11:01 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-10 15:15 - 2014-09-09 18:15 - 00003452 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-6.job
2014-09-10 15:02 - 2014-09-10 15:09 - 02105856 _____ (Farbar) C:\Users\komik\Desktop\FRST64.exe
2014-09-10 14:53 - 2014-05-16 12:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-10 13:08 - 2012-07-07 19:43 - 00000000 ___RD () C:\Users\komik\Dropbox
2014-09-10 12:19 - 2014-09-09 18:14 - 00000884 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-09-10 12:16 - 2014-09-09 18:16 - 00002428 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5_user.job
2014-09-10 12:16 - 2014-09-09 18:16 - 00002428 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5.job
2014-09-10 12:15 - 2014-09-09 18:15 - 00003452 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-4.job
2014-09-10 12:15 - 2014-09-09 18:15 - 00003116 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-7.job
2014-09-10 12:15 - 2014-09-09 18:15 - 00002750 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-1.job
2014-09-10 12:15 - 2014-09-09 18:15 - 00002092 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-2.job
2014-09-10 12:15 - 2014-09-09 18:15 - 00001428 _____ () C:\Windows\Tasks\05c9666f-c29f-452c-bff9-e23080ba959a.job
2014-09-10 12:15 - 2014-09-09 18:14 - 00000612 _____ () C:\Windows\Tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e.job
2014-09-10 12:14 - 2014-09-09 18:14 - 00004478 _____ () C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-11.job
2014-09-10 09:47 - 2010-10-26 17:35 - 01587408 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 08:13 - 2013-02-13 16:15 - 00000000 ____D () C:\Users\komik\AppData\Local\Last.fm
2014-09-10 07:38 - 2009-07-14 06:45 - 00023312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-10 07:38 - 2009-07-14 06:45 - 00023312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-10 07:33 - 2013-06-07 20:22 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-10 07:33 - 2012-07-07 19:38 - 00000000 ____D () C:\Users\komik\AppData\Roaming\Dropbox
2014-09-10 07:32 - 2014-04-07 11:01 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-10 07:31 - 2014-09-09 18:14 - 00000880 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-09-10 07:31 - 2011-12-12 10:20 - 00003867 _____ () C:\Windows\setupact.log
2014-09-10 07:31 - 2010-10-26 18:08 - 00500900 _____ () C:\Windows\PFRO.log
2014-09-10 07:31 - 2010-10-26 18:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-10 07:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-09 21:39 - 2012-06-05 11:22 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-09-09 21:39 - 2011-12-10 23:22 - 00000000 ____D () C:\Program Files (x86)\Xvid
2014-09-09 21:39 - 2010-10-29 12:54 - 00000000 ____D () C:\Program Files (x86)\totalcmd
2014-09-09 21:39 - 2010-10-26 19:59 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-09 18:17 - 2014-09-09 18:17 - 00000000 ____D () C:\Users\komik\AppData\Roaming\Media Freeware
2014-09-09 18:16 - 2014-09-09 18:16 - 00005458 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5
2014-09-09 18:16 - 2014-09-09 18:14 - 00000000 ____D () C:\Program Files (x86)\SavePass 1.1
2014-09-09 18:15 - 2014-09-09 18:15 - 00006482 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-4
2014-09-09 18:15 - 2014-09-09 18:15 - 00006480 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-6
2014-09-09 18:15 - 2014-09-09 18:15 - 00006146 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-7
2014-09-09 18:15 - 2014-09-09 18:15 - 00005780 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-1
2014-09-09 18:15 - 2014-09-09 18:15 - 00005122 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-2
2014-09-09 18:15 - 2014-09-09 18:15 - 00004458 _____ () C:\Windows\System32\Tasks\05c9666f-c29f-452c-bff9-e23080ba959a
2014-09-09 18:15 - 2014-09-09 18:15 - 00003882 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-09-09 18:15 - 2014-09-09 18:14 - 00003638 _____ () C:\Windows\System32\Tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e
2014-09-09 18:14 - 2014-09-09 18:14 - 00007508 _____ () C:\Windows\System32\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-11
2014-09-09 18:14 - 2014-09-09 18:14 - 00003628 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-09-09 18:14 - 2014-09-09 18:14 - 00000000 ____D () C:\Users\komik\AppData\Local\globalUpdate
2014-09-09 18:14 - 2014-09-09 18:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-09 18:10 - 2014-04-29 12:25 - 00000000 ____D () C:\Users\komik\Desktop\temp
2014-09-08 22:23 - 2010-10-26 19:34 - 00000000 ____D () C:\Users\komik\AppData\Roaming\uTorrent
2014-09-08 21:23 - 2014-08-01 20:46 - 00000000 ____D () C:\Users\komik\AppData\Roaming\vlc
2014-09-06 17:42 - 2014-09-06 17:15 - 00000000 ____D () C:\Users\komik\Desktop\Léto
2014-09-03 21:15 - 2011-04-11 17:44 - 00000000 ____D () C:\Users\komik\AppData\Roaming\Skype
2014-09-02 21:33 - 2010-10-27 00:34 - 00001437 _____ () C:\Users\komik\Documents\ax_files.xml
2014-08-27 20:41 - 2011-04-11 17:44 - 00000000 ____D () C:\ProgramData\Skype
2014-08-27 20:21 - 2011-05-09 14:42 - 00000000 ____D () C:\Users\komik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-08-14 12:37 - 2012-07-07 19:39 - 00000000 ____D () C:\Users\komik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-12 17:42 - 2009-07-26 20:41 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2014-08-12 17:42 - 2009-07-26 20:41 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2014-08-12 17:42 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
Some content of TEMP:
====================
C:\Users\komik\AppData\Local\Temp\askToolbarInstaller.exe
C:\Users\komik\AppData\Local\Temp\binkw32.dll
C:\Users\komik\AppData\Local\Temp\d2l_Install.exe
C:\Users\komik\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgzoqv2.dll
C:\Users\komik\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\komik\AppData\Local\Temp\ginstall.dll
C:\Users\komik\AppData\Local\Temp\GomEncDnInstaller.exe
C:\Users\komik\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\komik\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\komik\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\komik\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\komik\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\komik\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\komik\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\komik\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\komik\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\komik\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\komik\AppData\Local\Temp\Last.fm-2.1.33.exe
C:\Users\komik\AppData\Local\Temp\ose00000.exe
C:\Users\komik\AppData\Local\Temp\ripsetup.exe
C:\Users\komik\AppData\Local\Temp\rpsetup.exe
C:\Users\komik\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\komik\AppData\Local\Temp\SkypeSetup.exe
C:\Users\komik\AppData\Local\Temp\switchsetup.exe
C:\Users\komik\AppData\Local\Temp\uninst.exe
C:\Users\komik\AppData\Local\Temp\uttCA67.tmp.exe
C:\Users\komik\AppData\Local\Temp\WinampPluginSetup_2.1.0.9.exe
C:\Users\komik\AppData\Local\Temp\wpsetup.exe
C:\Users\komik\AppData\Local\Temp\_is2EB3.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\05c9666f-c29f-452c-bff9-e23080ba959a.job => C:\Program Files (x86)\SavePass 1.1\05c9666f-c29f-452c-bff9-e23080ba959a.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-1.job => C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-11.job => C:\Program Files (x86)\SavePass 1.1\da7529be-833d-4d96-9f54-1347e91175bf-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-2.job => C:\Program Files (x86)\SavePass 1.1\da7529be-833d-4d96-9f54-1347e91175bf-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-4.job => C:\Program Files (x86)\SavePass 1.1\da7529be-833d-4d96-9f54-1347e91175bf-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5.job => C:\Program Files (x86)\SavePass 1.1\da7529be-833d-4d96-9f54-1347e91175bf-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5_user.job => C:\Program Files (x86)\SavePass 1.1\da7529be-833d-4d96-9f54-1347e91175bf-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-6.job => C:\Program Files (x86)\SavePass 1.1\da7529be-833d-4d96-9f54-1347e91175bf-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-7.job => C:\Program Files (x86)\SavePass 1.1\da7529be-833d-4d96-9f54-1347e91175bf-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e.job => C:\Program Files (x86)\SavePass 1.1\fa2f651c-4632-4369-99d7-d5e88d0dd21e.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:A0CB5C3C
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\komik\Desktop" je 1517 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
SavePass
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: SavePass
Zdravim 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *kms* /s *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: SavePass
OTL.Txt:
OTL logfile created on: 11.9.2014 17:17:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\komik\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,87 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 49,44% Memory free
7,73 Gb Paging File | 5,37 Gb Available in Paging File | 69,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 49,03 Gb Free Space | 50,26% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 11,26 Gb Free Space | 3,06% Space Free | Partition Type: NTFS
Drive F: | 610,76 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KOMIK-PC | User Name: komik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2014.09.11 17:15:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\komik\Desktop\OTL.exe
PRC - [2014.09.09 18:15:54 | 000,369,024 | ---- | M] (OB) -- C:\Program Files (x86)\SavePass 1.1\05c9666f-c29f-452c-bff9-e23080ba959a.exe
PRC - [2014.09.09 18:15:20 | 001,271,680 | ---- | M] (OB) -- C:\Program Files (x86)\SavePass 1.1\da7529be-833d-4d96-9f54-1347e91175bf-6.exe
PRC - [2014.08.30 04:49:43 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.07.31 16:37:50 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.07.30 02:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\komik\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014.07.06 21:37:21 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.09.05 03:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.09.03 14:02:02 | 001,763,840 | ---- | M] (Last.fm) -- C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
PRC - [2013.08.29 19:27:28 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.10.26 20:49:52 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
PRC - [2010.04.02 09:11:22 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010.02.03 01:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
========== Modules (No Company Name) ==========
MOD - [2014.09.11 12:45:57 | 000,043,008 | ---- | M] () -- c:\Users\komik\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptoci44.dll
MOD - [2014.09.09 18:15:20 | 000,128,896 | ---- | M] () -- C:\Program Files (x86)\SavePass 1.1\132a70f1-2a61-4313-962d-b10ae258e087.dll
MOD - [2014.08.30 04:49:41 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppgooglenaclpluginchrome.dll
MOD - [2014.08.30 04:49:40 | 014,669,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
MOD - [2014.08.30 04:49:38 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
MOD - [2014.08.30 04:49:33 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
MOD - [2014.08.30 04:49:31 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
MOD - [2014.08.30 04:49:30 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
MOD - [2014.07.30 02:20:20 | 003,610,624 | ---- | M] () -- C:\Users\komik\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014.07.06 21:37:23 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.07.06 21:37:22 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013.09.03 14:01:36 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Last.fm\listener.dll
MOD - [2013.09.03 14:01:32 | 000,736,768 | ---- | M] () -- C:\Program Files (x86)\Last.fm\unicorn.dll
MOD - [2013.09.03 14:01:14 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Last.fm\logger.dll
MOD - [2013.09.03 10:54:56 | 000,351,232 | ---- | M] () -- C:\Program Files (x86)\Last.fm\lastfm.dll
MOD - [2013.08.23 21:01:44 | 025,100,288 | ---- | M] () -- C:\Users\komik\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.01.18 12:49:56 | 000,182,784 | ---- | M] () -- C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
MOD - [2013.01.18 12:39:50 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Last.fm\phonon.dll
MOD - [2012.12.13 01:13:36 | 002,286,592 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libvlccore.dll
MOD - [2012.12.13 01:13:32 | 000,049,664 | ---- | M] () -- C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
MOD - [2012.12.13 01:12:58 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libvlc.dll
MOD - [2011.11.17 12:31:34 | 000,623,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s
MOD - [2011.11.17 12:31:34 | 000,294,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
MOD - [2011.11.17 12:31:34 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
MOD - [2011.11.17 12:31:34 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
MOD - [2011.11.17 12:31:34 | 000,200,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
MOD - [2011.11.17 12:31:34 | 000,174,080 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\auth.w5s
MOD - [2011.11.17 12:31:34 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
MOD - [2011.11.17 12:31:34 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s
MOD - [2011.11.17 12:31:34 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_online.dll
MOD - [2011.11.17 12:31:34 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
MOD - [2011.11.17 12:31:34 | 000,113,664 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll
MOD - [2011.11.17 12:31:34 | 000,103,936 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s
MOD - [2011.11.17 12:31:34 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s
MOD - [2011.11.17 12:31:34 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s
MOD - [2011.11.17 12:31:34 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll
MOD - [2011.11.17 12:31:34 | 000,083,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll
MOD - [2011.11.17 12:31:34 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
MOD - [2011.11.17 12:31:34 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
MOD - [2011.11.17 12:31:34 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
MOD - [2011.11.17 12:31:34 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
MOD - [2011.11.17 12:31:34 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
MOD - [2011.11.17 12:31:34 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
MOD - [2011.11.17 12:31:34 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll
MOD - [2011.11.17 12:31:34 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\devices.w5s
MOD - [2011.11.17 12:31:34 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
MOD - [2011.11.17 12:31:34 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
MOD - [2011.11.17 12:31:34 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll
MOD - [2011.11.17 12:31:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
MOD - [2011.11.17 12:31:34 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\albumart.w5s
MOD - [2011.11.17 12:31:34 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
MOD - [2011.11.17 12:31:34 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s
MOD - [2011.11.17 12:31:34 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
MOD - [2011.11.17 12:31:34 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s
MOD - [2011.11.17 12:31:34 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s
MOD - [2011.11.17 12:31:34 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
MOD - [2011.11.17 12:31:34 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s
MOD - [2011.11.17 12:31:34 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s
MOD - [2011.11.17 12:31:34 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s
MOD - [2011.11.17 12:31:33 | 000,410,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll
MOD - [2011.11.17 12:31:33 | 000,318,464 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
MOD - [2011.11.17 12:31:33 | 000,313,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
MOD - [2011.11.17 12:31:33 | 000,290,304 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
MOD - [2011.11.17 12:31:33 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll
MOD - [2011.11.17 12:31:33 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
MOD - [2011.11.17 12:31:33 | 000,183,808 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
MOD - [2011.11.17 12:31:33 | 000,165,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
MOD - [2011.11.17 12:31:33 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
MOD - [2011.11.17 12:31:33 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
MOD - [2011.11.17 12:31:33 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Winamp\nde.dll
MOD - [2011.11.17 12:31:33 | 000,075,264 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
MOD - [2011.11.17 12:31:33 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
MOD - [2011.11.17 12:31:33 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
MOD - [2011.11.17 12:31:33 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
MOD - [2011.11.17 12:31:33 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll
MOD - [2011.11.17 12:31:33 | 000,052,736 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
MOD - [2011.11.17 12:31:33 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
MOD - [2011.11.17 12:31:33 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
MOD - [2011.11.17 12:31:33 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
MOD - [2011.11.17 12:31:33 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
MOD - [2009.06.06 23:25:30 | 000,360,448 | ---- | M] () -- C:\Windows\system\BisonC07.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014.07.06 21:37:21 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014.06.19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.09.09 18:14:32 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014.09.09 18:14:32 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014.05.16 12:01:33 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.09.05 03:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.08.29 19:27:28 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014.07.06 21:37:59 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.07.06 21:37:30 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.07.06 21:37:29 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014.07.06 21:37:29 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.07.06 21:37:29 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.07.06 21:37:29 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.07.06 21:37:29 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.07.06 21:37:26 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.12.19 15:11:27 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.10.02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.09.05 03:36:32 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.28 23:44:09 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.02.02 15:52:02 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.01.18 11:45:50 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009.12.01 17:37:28 | 001,270,896 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BisonC07.sys -- (Cam5607)
DRV:64bit: - [2009.10.19 00:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2009.09.17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.08.20 18:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2010.04.02 10:11:16 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/10/31 11:11:13] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKLM\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 2682bfa0d4
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.07.06 21:37:32 | 000,000,000 | ---D | M]
[2014.03.29 10:43:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014.03.29 10:43:22 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014.03.29 10:43:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014.05.01 17:11:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.03.29 10:43:22 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.11.18 18:44:16 | 001,680,272 | ---- | M] (Caminova, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll
[2010.12.08 00:25:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Error reading preferences file
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.7.14_0\
CHR - Extension: Dokumenty Google = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávánà Google = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\
CHR - Extension: Rating Program Extension = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\imbankdmoclhcdmdejkklikkpaidaeij\1.1.2_0\
CHR - Extension: Peněženka Google = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014.09.02 21:32:49 | 000,001,018 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O1 - Hosts: 127.0.0.1 search.babylon.com
O2:64bit: - BHO: (no name) - {11111111-1111-1111-1111-110611341129} - No CLSID value found.
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {11111111-1111-1111-1111-110611341129} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [XeroxEndeavorBackgroundTask] C:\Windows\SysNative\xgchabgnd.exe ()
O4:64bit: - HKLM..\Run: [XeroxScanUtility] C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe (Xerox Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QT Lite\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-602876395-1928980917-1894684931-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-602876395-1928980917-1894684931-1196..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-602876395-1928980917-1894684931-1196..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\komik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\komik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EE3EBDF-1018-4B39-A97C-22539801505E}: DhcpNameServer = 192.168.2.254
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e1df985a-e14f-11df-be72-c44619be145a}\Shell - "" = AutoRun
O33 - MountPoints2\{e1df985a-e14f-11df-be72-c44619be145a}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e1df985a-e14f-11df-be72-c44619be145a}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e1df985a-e14f-11df-be72-c44619be145a}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2014.09.11 17:15:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\komik\Desktop\OTL.exe
[2014.09.10 15:43:39 | 000,000,000 | ---D | C] -- C:\FRST
[2014.09.10 15:09:13 | 002,105,856 | ---- | C] (Farbar) -- C:\Users\komik\Desktop\FRST64.exe
[2014.09.09 18:17:46 | 000,000,000 | ---D | C] -- C:\Users\komik\AppData\Roaming\Media Freeware
[2014.09.09 18:14:34 | 000,000,000 | ---D | C] -- C:\Users\komik\AppData\Local\globalUpdate
[2014.09.09 18:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014.09.09 18:14:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SavePass 1.1
[2014.09.06 17:15:10 | 000,000,000 | ---D | C] -- C:\Users\komik\Desktop\Léto
========== Files - Modified Within 7 Days ==========
[2014.09.11 17:20:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.09.11 17:18:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.09.11 17:15:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\komik\Desktop\OTL.exe
[2014.09.11 17:15:00 | 000,003,452 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-6.job
[2014.09.11 16:53:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.09.11 12:49:54 | 000,023,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.09.11 12:49:54 | 000,023,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.09.11 12:44:28 | 000,002,428 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-5_user.job
[2014.09.11 12:44:27 | 000,004,478 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-11.job
[2014.09.11 12:44:23 | 000,003,452 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-4.job
[2014.09.11 12:44:23 | 000,002,428 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-5.job
[2014.09.11 12:44:21 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.09.11 12:44:17 | 000,003,116 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-7.job
[2014.09.11 12:44:17 | 000,002,750 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-1.job
[2014.09.11 12:44:17 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014.09.11 12:44:16 | 000,002,092 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-2.job
[2014.09.11 12:44:13 | 000,000,612 | ---- | M] () -- C:\Windows\tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e.job
[2014.09.11 12:44:12 | 000,001,428 | ---- | M] () -- C:\Windows\tasks\05c9666f-c29f-452c-bff9-e23080ba959a.job
[2014.09.11 12:43:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.09.11 12:43:52 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys
[2014.09.11 00:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014.09.10 15:02:52 | 002,105,856 | ---- | M] (Farbar) -- C:\Users\komik\Desktop\FRST64.exe
========== Files Created - No Company Name ==========
[2014.09.11 17:20:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.09.09 18:16:09 | 000,002,428 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-5_user.job
[2014.09.09 18:16:01 | 000,002,428 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-5.job
[2014.09.09 18:15:54 | 000,001,428 | ---- | C] () -- C:\Windows\tasks\05c9666f-c29f-452c-bff9-e23080ba959a.job
[2014.09.09 18:15:42 | 000,002,092 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-2.job
[2014.09.09 18:15:35 | 000,002,750 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-1.job
[2014.09.09 18:15:30 | 000,003,452 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-4.job
[2014.09.09 18:15:10 | 000,003,452 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-6.job
[2014.09.09 18:15:07 | 000,003,116 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-7.job
[2014.09.09 18:14:59 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014.09.09 18:14:55 | 000,000,612 | ---- | C] () -- C:\Windows\tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e.job
[2014.09.09 18:14:52 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014.09.09 18:14:35 | 000,004,478 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-11.job
[2014.05.19 16:09:50 | 001,560,276 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.16 16:59:18 | 000,000,000 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ec4e043a
[2012.05.31 16:58:20 | 000,000,000 | ---- | C] () -- C:\Users\komik\AppData\Roaming\74e90350
[2012.05.23 17:38:14 | 000,000,000 | ---- | C] () -- C:\Users\komik\AppData\Roaming\fbdb6034
[2012.05.22 16:02:39 | 000,000,000 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6b6f38f2
[2012.05.22 16:01:57 | 000,000,000 | ---- | C] () -- C:\Users\komik\AppData\Roaming\620bf159
[2012.05.10 18:08:58 | 000,000,132 | ---- | C] () -- C:\Users\komik\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.03.22 12:12:07 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\65362cb0
[2012.03.22 12:10:25 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\549bb16c
[2012.03.22 12:09:16 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e6eeb748
[2012.03.22 12:06:42 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\18eab758
[2012.03.22 12:05:49 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\bc75d998
[2012.03.22 12:04:17 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\2490ec58
[2012.03.22 12:01:33 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\df1d2298
[2012.03.22 11:59:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f665d63c
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\b9d823d2
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\b9a3a7ae
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ac115ee2
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\abd5dcdc
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\9cd0c9d0
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\9c953616
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\8d00d008
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\8cb7dab0
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\7db261de
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\7d77dc6a
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6dc30352
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6d8d7792
[2012.03.22 11:59:08 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5bf7a8e6
[2012.03.22 11:59:08 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5bc32f3e
[2012.03.22 11:59:08 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\445f357e
[2012.03.22 11:59:08 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\43fe1cc6
[2012.03.22 11:58:21 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\a9403e48
[2012.03.22 11:58:21 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\a9062408
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f2dc32be
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f2a816aa
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f230718e
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f201b21a
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f1d49666
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f170ecba
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f12f2cea
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\eacb3f28
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e84e9cca
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e821b242
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e7c4b0fe
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e780da0e
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e683bc4e
[2012.03.21 20:47:58 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\440da10d
[2012.03.21 20:47:05 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d8ad26e2
[2012.03.21 20:47:05 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d8562070
[2012.03.21 20:46:21 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\24e375d3
[2012.03.21 20:46:21 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\24af372b
[2012.03.21 20:46:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ec2883ca
[2012.03.21 20:46:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ebf275a2
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\fb70bca0
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f666a5e0
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f5f5d193
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f5d02c23
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f5a6c063
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f5373320
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f4ede998
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ee3b19a7
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ec678253
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ec3dfbb3
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ec000b27
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ebd26c1f
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\eb33432b
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dcd6374c
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dc8e79bc
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dc071904
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dbd96708
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dba9a1ec
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\db373010
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\daf562a0
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d45887dc
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d1ee1144
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d1bc859c
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d16c30bc
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d1302de8
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d02768c7
[2012.03.21 00:07:43 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\63ffa4ba
[2012.03.21 00:07:43 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\63a6b6de
[2012.03.21 00:07:29 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\58eaf75e
[2012.03.21 00:07:29 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\58b4fd42
[2012.03.21 00:07:26 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\880f0174
[2012.03.21 00:07:26 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\87b0b4c2
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c88790cc
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c85979dc
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c7eabfc0
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c7c50498
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c79cfa6c
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c7452b28
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c7111128
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c0f3f7ae
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\bf23af9e
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\bef91ab6
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\bebcd90a
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\be8f9c9a
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\bde694f6
[2012.03.21 00:03:20 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\7895bf18
[2012.03.21 00:02:47 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f3a2515c
[2012.03.21 00:02:47 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f36de740
[2012.03.21 00:02:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\a8e24f76
[2012.03.21 00:02:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\a8ac1a32
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\736f798f
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\733a8557
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\7295595f
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\725be63b
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\721a37df
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6fc4fc04
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6f90fa2c
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6ac35698
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\49a24d20
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\4972316c
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\490be1e0
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\48cb4d8c
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\47d32130
[2011.12.20 13:35:32 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\cfc03a06
[2011.12.20 13:34:52 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\3f63de6e
[2011.12.20 13:34:52 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\3f341462
[2011.12.20 13:34:43 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5fc33a58
[2011.12.20 13:34:43 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5f60dbe6
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dc7330d8
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dc3f310e
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dbceecec
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dba8cdac
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\db7d717e
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\db205ae2
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\daebdf56
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d52f59cc
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d34e4c3c
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d322557e
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d2deff90
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d2b321cc
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d213a0c6
[2011.12.20 13:33:56 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5ab525f8
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\56b388fb
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5660d2db
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\55ae1f2f
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\556ec7c7
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5526d0c7
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5497587b
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\544bcc63
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\4c7106c0
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\4a349d94
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\49f61118
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\4996c7f0
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\4954a4b4
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\489367f0
[2011.12.05 17:09:20 | 000,004,608 | ---- | C] () -- C:\Users\komik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.20 15:55:40 | 000,072,080 | ---- | C] () -- C:\Users\komik\g2mdlhlpx.exe
[2010.12.21 19:16:27 | 000,007,604 | ---- | C] () -- C:\Users\komik\AppData\Local\Resmon.ResmonCfg
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011.02.03 12:43:26 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Allstar
[2010.11.14 15:51:58 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Ashampoo
[2014.01.24 22:05:43 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\AVAST Software
[2012.07.12 14:27:01 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Babylon
[2011.12.18 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Broad Intelligence
[2014.03.03 22:14:10 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\BSplayer
[2012.01.01 21:16:44 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\BSplayer Pro
[2010.10.31 11:59:49 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Canneverbe Limited
[2012.03.26 09:14:13 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014.09.11 12:46:06 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Dropbox
[2014.04.14 14:38:50 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Freeplane
[2012.04.05 11:02:58 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Leadertech
[2014.09.09 18:17:46 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Media Freeware
[2010.11.22 19:06:40 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\NCH Swift Sound
[2011.11.02 17:22:40 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\PC-Mac PasswordVault 2.x
[2010.10.26 22:43:49 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\QIP
[2011.06.11 11:14:12 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\ScummVM
[2012.06.13 21:40:28 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\SendBlaster2
[2013.02.13 18:29:33 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.07.12 15:02:08 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\systweak
[2011.05.17 18:41:18 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\TS3Client
[2014.09.08 22:23:10 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\uTorrent
[2012.04.05 11:04:54 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Xerox
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,570 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.04.07 11:01:33 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.04.07 11:01:34 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.05.16 12:01:34 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.09.09 18:14:35 | 000,004,478 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-11.job
[2014.09.09 18:14:52 | 000,000,880 | ---- | C] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
[2014.09.09 18:14:55 | 000,000,612 | ---- | C] () -- C:\Windows\Tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e.job
[2014.09.09 18:14:59 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
[2014.09.09 18:15:07 | 000,003,116 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-7.job
[2014.09.09 18:15:10 | 000,003,452 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-6.job
[2014.09.09 18:15:30 | 000,003,452 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-4.job
[2014.09.09 18:15:35 | 000,002,750 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-1.job
[2014.09.09 18:15:42 | 000,002,092 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-2.job
[2014.09.09 18:15:54 | 000,001,428 | ---- | C] () -- C:\Windows\Tasks\05c9666f-c29f-452c-bff9-e23080ba959a.job
[2014.09.09 18:16:01 | 000,002,428 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5.job
[2014.09.09 18:16:09 | 000,002,428 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5_user.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
OTL logfile created on: 11.9.2014 17:17:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\komik\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,87 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 49,44% Memory free
7,73 Gb Paging File | 5,37 Gb Available in Paging File | 69,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 49,03 Gb Free Space | 50,26% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 11,26 Gb Free Space | 3,06% Space Free | Partition Type: NTFS
Drive F: | 610,76 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KOMIK-PC | User Name: komik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2014.09.11 17:15:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\komik\Desktop\OTL.exe
PRC - [2014.09.09 18:15:54 | 000,369,024 | ---- | M] (OB) -- C:\Program Files (x86)\SavePass 1.1\05c9666f-c29f-452c-bff9-e23080ba959a.exe
PRC - [2014.09.09 18:15:20 | 001,271,680 | ---- | M] (OB) -- C:\Program Files (x86)\SavePass 1.1\da7529be-833d-4d96-9f54-1347e91175bf-6.exe
PRC - [2014.08.30 04:49:43 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.07.31 16:37:50 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.07.30 02:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\komik\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014.07.06 21:37:21 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.09.05 03:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.09.03 14:02:02 | 001,763,840 | ---- | M] (Last.fm) -- C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
PRC - [2013.08.29 19:27:28 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.10.26 20:49:52 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
PRC - [2010.04.02 09:11:22 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010.02.03 01:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
========== Modules (No Company Name) ==========
MOD - [2014.09.11 12:45:57 | 000,043,008 | ---- | M] () -- c:\Users\komik\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptoci44.dll
MOD - [2014.09.09 18:15:20 | 000,128,896 | ---- | M] () -- C:\Program Files (x86)\SavePass 1.1\132a70f1-2a61-4313-962d-b10ae258e087.dll
MOD - [2014.08.30 04:49:41 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppgooglenaclpluginchrome.dll
MOD - [2014.08.30 04:49:40 | 014,669,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
MOD - [2014.08.30 04:49:38 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
MOD - [2014.08.30 04:49:33 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
MOD - [2014.08.30 04:49:31 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
MOD - [2014.08.30 04:49:30 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
MOD - [2014.07.30 02:20:20 | 003,610,624 | ---- | M] () -- C:\Users\komik\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014.07.06 21:37:23 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.07.06 21:37:22 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013.09.03 14:01:36 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Last.fm\listener.dll
MOD - [2013.09.03 14:01:32 | 000,736,768 | ---- | M] () -- C:\Program Files (x86)\Last.fm\unicorn.dll
MOD - [2013.09.03 14:01:14 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Last.fm\logger.dll
MOD - [2013.09.03 10:54:56 | 000,351,232 | ---- | M] () -- C:\Program Files (x86)\Last.fm\lastfm.dll
MOD - [2013.08.23 21:01:44 | 025,100,288 | ---- | M] () -- C:\Users\komik\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.01.18 12:49:56 | 000,182,784 | ---- | M] () -- C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
MOD - [2013.01.18 12:39:50 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Last.fm\phonon.dll
MOD - [2012.12.13 01:13:36 | 002,286,592 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libvlccore.dll
MOD - [2012.12.13 01:13:32 | 000,049,664 | ---- | M] () -- C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
MOD - [2012.12.13 01:12:58 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libvlc.dll
MOD - [2011.11.17 12:31:34 | 000,623,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s
MOD - [2011.11.17 12:31:34 | 000,294,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
MOD - [2011.11.17 12:31:34 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
MOD - [2011.11.17 12:31:34 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
MOD - [2011.11.17 12:31:34 | 000,200,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
MOD - [2011.11.17 12:31:34 | 000,174,080 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\auth.w5s
MOD - [2011.11.17 12:31:34 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
MOD - [2011.11.17 12:31:34 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s
MOD - [2011.11.17 12:31:34 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_online.dll
MOD - [2011.11.17 12:31:34 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
MOD - [2011.11.17 12:31:34 | 000,113,664 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll
MOD - [2011.11.17 12:31:34 | 000,103,936 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s
MOD - [2011.11.17 12:31:34 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s
MOD - [2011.11.17 12:31:34 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s
MOD - [2011.11.17 12:31:34 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll
MOD - [2011.11.17 12:31:34 | 000,083,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll
MOD - [2011.11.17 12:31:34 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
MOD - [2011.11.17 12:31:34 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
MOD - [2011.11.17 12:31:34 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
MOD - [2011.11.17 12:31:34 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
MOD - [2011.11.17 12:31:34 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
MOD - [2011.11.17 12:31:34 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
MOD - [2011.11.17 12:31:34 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll
MOD - [2011.11.17 12:31:34 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\devices.w5s
MOD - [2011.11.17 12:31:34 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
MOD - [2011.11.17 12:31:34 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
MOD - [2011.11.17 12:31:34 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll
MOD - [2011.11.17 12:31:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
MOD - [2011.11.17 12:31:34 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\albumart.w5s
MOD - [2011.11.17 12:31:34 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
MOD - [2011.11.17 12:31:34 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s
MOD - [2011.11.17 12:31:34 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
MOD - [2011.11.17 12:31:34 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s
MOD - [2011.11.17 12:31:34 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s
MOD - [2011.11.17 12:31:34 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
MOD - [2011.11.17 12:31:34 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s
MOD - [2011.11.17 12:31:34 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s
MOD - [2011.11.17 12:31:34 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s
MOD - [2011.11.17 12:31:33 | 000,410,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll
MOD - [2011.11.17 12:31:33 | 000,318,464 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
MOD - [2011.11.17 12:31:33 | 000,313,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
MOD - [2011.11.17 12:31:33 | 000,290,304 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
MOD - [2011.11.17 12:31:33 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll
MOD - [2011.11.17 12:31:33 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
MOD - [2011.11.17 12:31:33 | 000,183,808 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
MOD - [2011.11.17 12:31:33 | 000,165,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
MOD - [2011.11.17 12:31:33 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
MOD - [2011.11.17 12:31:33 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
MOD - [2011.11.17 12:31:33 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Winamp\nde.dll
MOD - [2011.11.17 12:31:33 | 000,075,264 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
MOD - [2011.11.17 12:31:33 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
MOD - [2011.11.17 12:31:33 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
MOD - [2011.11.17 12:31:33 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
MOD - [2011.11.17 12:31:33 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll
MOD - [2011.11.17 12:31:33 | 000,052,736 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
MOD - [2011.11.17 12:31:33 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
MOD - [2011.11.17 12:31:33 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
MOD - [2011.11.17 12:31:33 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
MOD - [2011.11.17 12:31:33 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
MOD - [2009.06.06 23:25:30 | 000,360,448 | ---- | M] () -- C:\Windows\system\BisonC07.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014.07.06 21:37:21 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014.06.19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.09.09 18:14:32 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014.09.09 18:14:32 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014.05.16 12:01:33 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.09.05 03:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.08.29 19:27:28 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014.07.06 21:37:59 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.07.06 21:37:30 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.07.06 21:37:29 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014.07.06 21:37:29 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.07.06 21:37:29 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.07.06 21:37:29 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.07.06 21:37:29 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.07.06 21:37:26 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.12.19 15:11:27 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.10.02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.09.05 03:36:32 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.28 23:44:09 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.02.02 15:52:02 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.01.18 11:45:50 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009.12.01 17:37:28 | 001,270,896 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BisonC07.sys -- (Cam5607)
DRV:64bit: - [2009.10.19 00:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2009.09.17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.08.20 18:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2010.04.02 10:11:16 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/10/31 11:11:13] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKLM\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 2682bfa0d4
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
IE - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.07.06 21:37:32 | 000,000,000 | ---D | M]
[2014.03.29 10:43:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014.03.29 10:43:22 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014.03.29 10:43:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014.05.01 17:11:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.03.29 10:43:22 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.11.18 18:44:16 | 001,680,272 | ---- | M] (Caminova, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll
[2010.12.08 00:25:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Error reading preferences file
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.7.14_0\
CHR - Extension: Dokumenty Google = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávánà Google = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\
CHR - Extension: Rating Program Extension = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\imbankdmoclhcdmdejkklikkpaidaeij\1.1.2_0\
CHR - Extension: Peněženka Google = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014.09.02 21:32:49 | 000,001,018 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O1 - Hosts: 127.0.0.1 search.babylon.com
O2:64bit: - BHO: (no name) - {11111111-1111-1111-1111-110611341129} - No CLSID value found.
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {11111111-1111-1111-1111-110611341129} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [XeroxEndeavorBackgroundTask] C:\Windows\SysNative\xgchabgnd.exe ()
O4:64bit: - HKLM..\Run: [XeroxScanUtility] C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe (Xerox Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QT Lite\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-602876395-1928980917-1894684931-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-602876395-1928980917-1894684931-1196..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-602876395-1928980917-1894684931-1196..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\komik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\komik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EE3EBDF-1018-4B39-A97C-22539801505E}: DhcpNameServer = 192.168.2.254
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e1df985a-e14f-11df-be72-c44619be145a}\Shell - "" = AutoRun
O33 - MountPoints2\{e1df985a-e14f-11df-be72-c44619be145a}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e1df985a-e14f-11df-be72-c44619be145a}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e1df985a-e14f-11df-be72-c44619be145a}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2014.09.11 17:15:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\komik\Desktop\OTL.exe
[2014.09.10 15:43:39 | 000,000,000 | ---D | C] -- C:\FRST
[2014.09.10 15:09:13 | 002,105,856 | ---- | C] (Farbar) -- C:\Users\komik\Desktop\FRST64.exe
[2014.09.09 18:17:46 | 000,000,000 | ---D | C] -- C:\Users\komik\AppData\Roaming\Media Freeware
[2014.09.09 18:14:34 | 000,000,000 | ---D | C] -- C:\Users\komik\AppData\Local\globalUpdate
[2014.09.09 18:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014.09.09 18:14:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SavePass 1.1
[2014.09.06 17:15:10 | 000,000,000 | ---D | C] -- C:\Users\komik\Desktop\Léto
========== Files - Modified Within 7 Days ==========
[2014.09.11 17:20:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.09.11 17:18:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.09.11 17:15:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\komik\Desktop\OTL.exe
[2014.09.11 17:15:00 | 000,003,452 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-6.job
[2014.09.11 16:53:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.09.11 12:49:54 | 000,023,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.09.11 12:49:54 | 000,023,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.09.11 12:44:28 | 000,002,428 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-5_user.job
[2014.09.11 12:44:27 | 000,004,478 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-11.job
[2014.09.11 12:44:23 | 000,003,452 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-4.job
[2014.09.11 12:44:23 | 000,002,428 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-5.job
[2014.09.11 12:44:21 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.09.11 12:44:17 | 000,003,116 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-7.job
[2014.09.11 12:44:17 | 000,002,750 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-1.job
[2014.09.11 12:44:17 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014.09.11 12:44:16 | 000,002,092 | ---- | M] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-2.job
[2014.09.11 12:44:13 | 000,000,612 | ---- | M] () -- C:\Windows\tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e.job
[2014.09.11 12:44:12 | 000,001,428 | ---- | M] () -- C:\Windows\tasks\05c9666f-c29f-452c-bff9-e23080ba959a.job
[2014.09.11 12:43:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.09.11 12:43:52 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys
[2014.09.11 00:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014.09.10 15:02:52 | 002,105,856 | ---- | M] (Farbar) -- C:\Users\komik\Desktop\FRST64.exe
========== Files Created - No Company Name ==========
[2014.09.11 17:20:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.09.09 18:16:09 | 000,002,428 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-5_user.job
[2014.09.09 18:16:01 | 000,002,428 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-5.job
[2014.09.09 18:15:54 | 000,001,428 | ---- | C] () -- C:\Windows\tasks\05c9666f-c29f-452c-bff9-e23080ba959a.job
[2014.09.09 18:15:42 | 000,002,092 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-2.job
[2014.09.09 18:15:35 | 000,002,750 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-1.job
[2014.09.09 18:15:30 | 000,003,452 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-4.job
[2014.09.09 18:15:10 | 000,003,452 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-6.job
[2014.09.09 18:15:07 | 000,003,116 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-7.job
[2014.09.09 18:14:59 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014.09.09 18:14:55 | 000,000,612 | ---- | C] () -- C:\Windows\tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e.job
[2014.09.09 18:14:52 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014.09.09 18:14:35 | 000,004,478 | ---- | C] () -- C:\Windows\tasks\da7529be-833d-4d96-9f54-1347e91175bf-11.job
[2014.05.19 16:09:50 | 001,560,276 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.16 16:59:18 | 000,000,000 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ec4e043a
[2012.05.31 16:58:20 | 000,000,000 | ---- | C] () -- C:\Users\komik\AppData\Roaming\74e90350
[2012.05.23 17:38:14 | 000,000,000 | ---- | C] () -- C:\Users\komik\AppData\Roaming\fbdb6034
[2012.05.22 16:02:39 | 000,000,000 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6b6f38f2
[2012.05.22 16:01:57 | 000,000,000 | ---- | C] () -- C:\Users\komik\AppData\Roaming\620bf159
[2012.05.10 18:08:58 | 000,000,132 | ---- | C] () -- C:\Users\komik\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.03.22 12:12:07 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\65362cb0
[2012.03.22 12:10:25 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\549bb16c
[2012.03.22 12:09:16 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e6eeb748
[2012.03.22 12:06:42 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\18eab758
[2012.03.22 12:05:49 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\bc75d998
[2012.03.22 12:04:17 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\2490ec58
[2012.03.22 12:01:33 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\df1d2298
[2012.03.22 11:59:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f665d63c
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\b9d823d2
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\b9a3a7ae
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ac115ee2
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\abd5dcdc
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\9cd0c9d0
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\9c953616
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\8d00d008
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\8cb7dab0
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\7db261de
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\7d77dc6a
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6dc30352
[2012.03.22 11:59:09 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6d8d7792
[2012.03.22 11:59:08 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5bf7a8e6
[2012.03.22 11:59:08 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5bc32f3e
[2012.03.22 11:59:08 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\445f357e
[2012.03.22 11:59:08 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\43fe1cc6
[2012.03.22 11:58:21 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\a9403e48
[2012.03.22 11:58:21 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\a9062408
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f2dc32be
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f2a816aa
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f230718e
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f201b21a
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f1d49666
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f170ecba
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f12f2cea
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\eacb3f28
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e84e9cca
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e821b242
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e7c4b0fe
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e780da0e
[2012.03.22 11:58:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\e683bc4e
[2012.03.21 20:47:58 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\440da10d
[2012.03.21 20:47:05 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d8ad26e2
[2012.03.21 20:47:05 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d8562070
[2012.03.21 20:46:21 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\24e375d3
[2012.03.21 20:46:21 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\24af372b
[2012.03.21 20:46:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ec2883ca
[2012.03.21 20:46:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ebf275a2
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\fb70bca0
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f666a5e0
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f5f5d193
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f5d02c23
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f5a6c063
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f5373320
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f4ede998
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ee3b19a7
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ec678253
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ec3dfbb3
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ec000b27
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\ebd26c1f
[2012.03.21 20:46:12 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\eb33432b
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dcd6374c
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dc8e79bc
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dc071904
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dbd96708
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dba9a1ec
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\db373010
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\daf562a0
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d45887dc
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d1ee1144
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d1bc859c
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d16c30bc
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d1302de8
[2012.03.21 20:46:10 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d02768c7
[2012.03.21 00:07:43 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\63ffa4ba
[2012.03.21 00:07:43 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\63a6b6de
[2012.03.21 00:07:29 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\58eaf75e
[2012.03.21 00:07:29 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\58b4fd42
[2012.03.21 00:07:26 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\880f0174
[2012.03.21 00:07:26 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\87b0b4c2
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c88790cc
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c85979dc
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c7eabfc0
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c7c50498
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c79cfa6c
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c7452b28
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c7111128
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\c0f3f7ae
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\bf23af9e
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\bef91ab6
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\bebcd90a
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\be8f9c9a
[2012.03.21 00:07:24 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\bde694f6
[2012.03.21 00:03:20 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\7895bf18
[2012.03.21 00:02:47 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f3a2515c
[2012.03.21 00:02:47 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\f36de740
[2012.03.21 00:02:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\a8e24f76
[2012.03.21 00:02:19 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\a8ac1a32
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\736f798f
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\733a8557
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\7295595f
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\725be63b
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\721a37df
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6fc4fc04
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6f90fa2c
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\6ac35698
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\49a24d20
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\4972316c
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\490be1e0
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\48cb4d8c
[2012.03.21 00:02:15 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\47d32130
[2011.12.20 13:35:32 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\cfc03a06
[2011.12.20 13:34:52 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\3f63de6e
[2011.12.20 13:34:52 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\3f341462
[2011.12.20 13:34:43 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5fc33a58
[2011.12.20 13:34:43 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5f60dbe6
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dc7330d8
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dc3f310e
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dbceecec
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\dba8cdac
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\db7d717e
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\db205ae2
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\daebdf56
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d52f59cc
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d34e4c3c
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d322557e
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d2deff90
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d2b321cc
[2011.12.20 13:34:35 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\d213a0c6
[2011.12.20 13:33:56 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5ab525f8
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\56b388fb
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5660d2db
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\55ae1f2f
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\556ec7c7
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5526d0c7
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\5497587b
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\544bcc63
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\4c7106c0
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\4a349d94
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\49f61118
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\4996c7f0
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\4954a4b4
[2011.12.20 13:33:27 | 000,004,640 | ---- | C] () -- C:\Users\komik\AppData\Roaming\489367f0
[2011.12.05 17:09:20 | 000,004,608 | ---- | C] () -- C:\Users\komik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.20 15:55:40 | 000,072,080 | ---- | C] () -- C:\Users\komik\g2mdlhlpx.exe
[2010.12.21 19:16:27 | 000,007,604 | ---- | C] () -- C:\Users\komik\AppData\Local\Resmon.ResmonCfg
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011.02.03 12:43:26 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Allstar
[2010.11.14 15:51:58 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Ashampoo
[2014.01.24 22:05:43 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\AVAST Software
[2012.07.12 14:27:01 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Babylon
[2011.12.18 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Broad Intelligence
[2014.03.03 22:14:10 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\BSplayer
[2012.01.01 21:16:44 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\BSplayer Pro
[2010.10.31 11:59:49 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Canneverbe Limited
[2012.03.26 09:14:13 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014.09.11 12:46:06 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Dropbox
[2014.04.14 14:38:50 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Freeplane
[2012.04.05 11:02:58 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Leadertech
[2014.09.09 18:17:46 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Media Freeware
[2010.11.22 19:06:40 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\NCH Swift Sound
[2011.11.02 17:22:40 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\PC-Mac PasswordVault 2.x
[2010.10.26 22:43:49 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\QIP
[2011.06.11 11:14:12 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\ScummVM
[2012.06.13 21:40:28 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\SendBlaster2
[2013.02.13 18:29:33 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.07.12 15:02:08 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\systweak
[2011.05.17 18:41:18 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\TS3Client
[2014.09.08 22:23:10 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\uTorrent
[2012.04.05 11:04:54 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Xerox
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,570 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.04.07 11:01:33 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.04.07 11:01:34 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.05.16 12:01:34 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.09.09 18:14:35 | 000,004,478 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-11.job
[2014.09.09 18:14:52 | 000,000,880 | ---- | C] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
[2014.09.09 18:14:55 | 000,000,612 | ---- | C] () -- C:\Windows\Tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e.job
[2014.09.09 18:14:59 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
[2014.09.09 18:15:07 | 000,003,116 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-7.job
[2014.09.09 18:15:10 | 000,003,452 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-6.job
[2014.09.09 18:15:30 | 000,003,452 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-4.job
[2014.09.09 18:15:35 | 000,002,750 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-1.job
[2014.09.09 18:15:42 | 000,002,092 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-2.job
[2014.09.09 18:15:54 | 000,001,428 | ---- | C] () -- C:\Windows\Tasks\05c9666f-c29f-452c-bff9-e23080ba959a.job
[2014.09.09 18:16:01 | 000,002,428 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5.job
[2014.09.09 18:16:09 | 000,002,428 | ---- | C] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5_user.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
Re: SavePass
pokračování OTL.Txt:
< MD5 for: SCECLI.DLL >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[18 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[24 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\avast_ash\uTorrent (all users)\*.tmp files -> C:\Windows\Temp\avast_ash\uTorrent (all users)\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.02.26 21:39:37 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Adobe
[2013.02.13 18:29:34 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Adobe Mini Bridge CS5
[2011.02.03 12:43:26 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Allstar
[2013.06.12 17:23:43 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Apple Computer
[2010.11.14 15:51:58 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Ashampoo
[2014.01.24 22:05:43 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\AVAST Software
[2012.07.12 14:27:01 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Babylon
[2011.12.18 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Broad Intelligence
[2014.03.03 22:14:10 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\BSplayer
[2012.01.01 21:16:44 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\BSplayer Pro
[2010.10.31 11:59:49 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Canneverbe Limited
[2012.03.26 09:14:13 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.10.31 13:00:34 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\CyberLink
[2014.09.11 12:46:06 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Dropbox
[2014.04.14 14:38:50 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Freeplane
[2010.10.26 17:41:13 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Identities
[2010.10.26 18:16:08 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\InstallShield
[2012.04.05 11:02:58 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Leadertech
[2010.10.26 18:27:35 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Macromedia
[2009.07.14 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Media Center Programs
[2014.09.09 18:17:46 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Media Freeware
[2012.06.11 15:47:35 | 000,000,000 | --SD | M] -- C:\Users\komik\AppData\Roaming\Microsoft
[2010.11.22 19:06:40 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\NCH Swift Sound
[2014.05.27 08:48:50 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\NVIDIA
[2011.11.02 17:22:40 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\PC-Mac PasswordVault 2.x
[2010.10.26 22:43:49 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\QIP
[2011.06.11 11:14:12 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\ScummVM
[2012.06.13 21:40:28 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\SendBlaster2
[2014.09.03 21:15:54 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Skype
[2011.06.27 10:35:30 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\skypePM
[2013.02.13 18:29:33 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.07.12 15:02:08 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\systweak
[2011.05.17 18:41:18 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\TS3Client
[2014.09.08 22:23:10 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\uTorrent
[2014.09.08 21:23:49 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\vlc
[2011.05.13 00:02:12 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Winamp
[2010.10.26 20:01:59 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\WinRAR
[2012.04.05 11:04:54 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Xerox
< %APPDATA%\*.exe /s >
[2009.08.11 22:21:26 | 000,087,552 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 22:21:30 | 000,090,112 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 15:52:04 | 000,697,690 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 18:01:52 | 001,185,871 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2014.07.30 02:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\komik\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.07.30 02:25:24 | 000,262,160 | ---- | M] (Dropbox, Inc.) -- C:\Users\komik\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.07.30 02:22:12 | 000,225,224 | ---- | M] (Dropbox, Inc.) -- C:\Users\komik\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2014.05.18 13:04:01 | 000,119,808 | R--- | M] () -- C:\Users\komik\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
[2014.07.06 22:12:13 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\uTorrent.exe
[2014.02.06 20:03:53 | 000,905,296 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\updates\3.3.2_30488.exe
[2014.04.29 20:21:06 | 001,270,352 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014.05.21 15:40:26 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014.06.17 08:48:43 | 001,267,536 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe
[2014.07.06 22:12:13 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014.09.11 12:44:12 | 000,001,428 | ---- | M] () -- C:\Windows\Tasks\05c9666f-c29f-452c-bff9-e23080ba959a.job
[2014.09.11 17:53:13 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.09.11 12:44:17 | 000,002,750 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-1.job
[2014.09.11 12:44:27 | 000,004,478 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-11.job
[2014.09.11 12:44:16 | 000,002,092 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-2.job
[2014.09.11 12:44:23 | 000,003,452 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-4.job
[2014.09.11 12:44:23 | 000,002,428 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5.job
[2014.09.11 12:44:28 | 000,002,428 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5_user.job
[2014.09.11 17:15:00 | 000,003,452 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-6.job
[2014.09.11 12:44:17 | 000,003,116 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-7.job
[2014.09.11 12:44:13 | 000,000,612 | ---- | M] () -- C:\Windows\Tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e.job
[2014.09.11 12:44:17 | 000,000,880 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
[2014.09.11 00:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
[2014.09.11 12:44:21 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.09.11 17:18:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AlcoholAutomount" = "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount -- [2009.11.15 11:42:00 | 000,033,120 | ---- | M] (Alcohol Soft Development Team)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.06.20 21:39:54 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=CD900EFB4F8946A2BB1950D9F45915C2 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.08.30 04:49:43 | 000,852,808 | ---- | M] (Google Inc.) MD5=0706DDBD4EA0D122CA069FF2552E20FD -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.09.11 17:20:38 | 000,000,512 | ---- | M] () MD5=F95148FF7599D98F479D8AC22F783E13 -- C:\PhysicalMBR.bin
< >
< *kms* /s >
[2009.07.26 20:39:17 | 000,002,560 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_6d1856e91edfe880\KMSVC.DLL.MUI
[2009.07.14 04:26:46 | 000,002,560 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b06ea24505da44de\KMSVC.DLL.MUI
[2010.11.20 15:26:42 | 000,090,624 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..ssprotection-hkmsvc_31bf3856ad364e35_6.1.7601.17514_none_70367407ace652fb\KMSVC.DLL
[2009.07.26 20:38:22 | 000,001,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_6d1856e91edfe880.manifest
[2009.07.14 04:44:48 | 000,001,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b06ea24505da44de.manifest
[2010.11.20 07:13:16 | 000,008,711 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-n..ssprotection-hkmsvc_31bf3856ad364e35_6.1.7601.17514_none_70367407ace652fb.manifest
< *crack* /s >
[2012.05.14 10:24:59 | 000,016,814 | ---- | M] () -- \Users\komik\AppData\Roaming\uTorrent\Avast! Internet Security 7.0.1426 till 2050 Incl Crack @ Only By THE RAIN.torrent
[2012.06.05 10:50:21 | 000,002,250 | ---- | M] () -- \Users\komik\AppData\Roaming\uTorrent\Quick-PDF PDF To Word Converter 2.2 + Crack-[HB].torrent
[2010.10.26 19:51:55 | 000,001,722 | ---- | M] () -- \Users\komik\AppData\Roaming\uTorrent\WinRAR v3.90 Final + Crack (CLEAN) [h33t] - CaZoR.torrent
< *keygen* /s >
[2010.10.30 20:20:42 | 000,003,185 | ---- | M] () -- \Users\komik\AppData\Roaming\uTorrent\BS Player Pro v2.12.942 Pro + Keygen.exe.torrent
< *loader* /s >
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.04.21 21:44:16 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2001.01.16 07:55:36 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 05:22:34 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\COLOADER.TLB
[2010.03.15 14:20:28 | 000,010,781 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2010.03.15 14:20:34 | 000,003,492 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\widget\langloader.kc
[2010.03.15 14:20:34 | 000,013,453 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\widget\layoutloader.kc
[2010.02.05 01:34:54 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2010.02.05 01:34:54 | 000,003,486 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2010.02.05 01:34:54 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2014.09.09 18:15:49 | 001,105,792 | ---- | M] () -- \Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe
[2014.07.06 21:37:21 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.07.06 21:37:21 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2010.03.15 11:27:18 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2014.09.04 09:53:14 | 000,000,696 | ---- | M] () -- \Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.7.14_0\images\loader.gif
[2014.08.13 13:14:30 | 000,009,418 | ---- | M] () -- \Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\img\gifloader.gif
[2014.08.12 21:50:36 | 000,018,544 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\010FXSIE\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014.06.01 20:06:13 | 000,001,980 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\010FXSIE\AdLoader[2].htm
[2014.02.26 21:31:20 | 000,001,870 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\AdLoader[1].htm
[2014.04.02 21:03:46 | 000,001,870 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\AdLoader[2].htm
[2014.06.08 20:16:57 | 000,001,980 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\AdLoader[3].htm
[2014.06.01 20:05:04 | 000,001,980 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\AdLoader[4].htm
[2014.04.16 13:45:09 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\downloaderror[1].js
[2014.04.16 13:45:09 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\downloader[1].js
[2014.04.28 10:50:13 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\downloader[2].js
[2014.02.26 21:31:20 | 000,111,819 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ACQO5I6\AdLoader-725aebe4743338ea770018ce780c157b.min[1].js
[2014.08.12 21:50:36 | 000,001,980 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ACQO5I6\AdLoader[1].htm
[2014.01.30 15:10:59 | 000,111,438 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2013.10.29 18:42:55 | 000,110,751 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\AdLoader-d40a84753bed078348a772ed17f771c5.min[1].js
[2014.01.30 15:10:59 | 000,001,537 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\AdLoader[1].htm
[2014.01.30 15:42:22 | 000,001,537 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\AdLoader[2].htm
[2013.04.30 13:29:33 | 000,003,784 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\bundleloader[1].js
[2013.05.15 19:59:33 | 000,003,784 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\bundleloader[2].js
[2013.09.29 19:54:13 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\downloaderror[1].js
[2013.09.29 19:54:13 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\downloader[1].js
[2013.11.04 20:42:22 | 000,110,642 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\AdLoader-05424a4ab7d836fbf1bc3b5c2b3458f1.min[1].js
[2013.03.07 15:34:37 | 000,105,903 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.06.04 20:14:49 | 000,109,448 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013.07.13 13:32:41 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\downloaderror[1].js
[2013.11.14 17:20:32 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\downloaderror[2].js
[2013.07.13 13:32:41 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\downloader[1].js
[2013.11.14 17:20:32 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\downloader[2].js
[2014.06.01 20:05:04 | 000,017,912 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFTCP6JF\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.03.04 22:42:19 | 000,112,122 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFTCP6JF\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014.03.04 22:42:19 | 000,001,870 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFTCP6JF\AdLoader[1].htm
[2014.07.11 20:45:52 | 000,001,980 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFTCP6JF\AdLoader[2].htm
[2014.04.28 10:50:13 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFTCP6JF\downloaderror[1].js
[2013.08.01 18:10:11 | 000,109,505 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\AdLoader-3ce32d357de39fd9427f374be93bd0ac.min[1].js
[2013.12.20 21:23:52 | 000,110,991 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\AdLoader-7b857a7be889bd57f92da60a9b6146bb.min[1].js
[2014.01.30 15:42:22 | 000,111,438 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2013.04.20 15:52:11 | 000,003,784 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\bundleloader[1].js
[2013.04.20 15:52:13 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloaderror[1].js
[2013.04.30 13:29:37 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloaderror[2].js
[2013.05.15 19:59:36 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloaderror[3].js
[2014.01.20 15:51:31 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloaderror[4].js
[2013.04.20 15:52:13 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloader[1].js
[2013.04.30 13:29:37 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloader[2].js
[2013.05.15 19:59:36 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloader[3].js
[2014.01.20 15:51:31 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloader[4].js
[2014.07.01 11:46:16 | 000,072,638 | ---- | M] () -- \Users\komik\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.01 11:46:16 | 000,003,032 | ---- | M] () -- \Users\komik\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.01 11:46:16 | 000,006,012 | ---- | M] () -- \Users\komik\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.01 11:46:16 | 000,021,956 | ---- | M] () -- \Users\komik\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.01 11:46:16 | 000,009,772 | ---- | M] () -- \Users\komik\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2011.05.12 22:36:18 | 000,014,893 | ---- | M] () -- \Users\komik\AppData\Roaming\uTorrent\Snabba.Cash.2010.SWEDiSH.DVDRiP.XviD-DVD-Uploader.torrent
[2014.09.11 00:15:00 | 000,018,354 | ---- | M] () -- \Windows\Prefetch\SAVEPASS 1.1-CODEDOWNLOADER.E-73676C10.pf
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.26 20:40:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.26 20:40:31 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.26 20:40:31 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.26 20:40:31 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.26 20:40:31 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 07:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 07:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 07:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 07:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 07:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011.04.15 00:53:20 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.15 00:53:20 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.15 00:53:20 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.15 00:53:20 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.15 00:53:20 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.26 20:38:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:A0CB5C3C
< End of report >
< MD5 for: SCECLI.DLL >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[18 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[24 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\avast_ash\uTorrent (all users)\*.tmp files -> C:\Windows\Temp\avast_ash\uTorrent (all users)\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.02.26 21:39:37 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Adobe
[2013.02.13 18:29:34 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Adobe Mini Bridge CS5
[2011.02.03 12:43:26 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Allstar
[2013.06.12 17:23:43 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Apple Computer
[2010.11.14 15:51:58 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Ashampoo
[2014.01.24 22:05:43 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\AVAST Software
[2012.07.12 14:27:01 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Babylon
[2011.12.18 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Broad Intelligence
[2014.03.03 22:14:10 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\BSplayer
[2012.01.01 21:16:44 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\BSplayer Pro
[2010.10.31 11:59:49 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Canneverbe Limited
[2012.03.26 09:14:13 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.10.31 13:00:34 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\CyberLink
[2014.09.11 12:46:06 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Dropbox
[2014.04.14 14:38:50 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Freeplane
[2010.10.26 17:41:13 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Identities
[2010.10.26 18:16:08 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\InstallShield
[2012.04.05 11:02:58 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Leadertech
[2010.10.26 18:27:35 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Macromedia
[2009.07.14 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Media Center Programs
[2014.09.09 18:17:46 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Media Freeware
[2012.06.11 15:47:35 | 000,000,000 | --SD | M] -- C:\Users\komik\AppData\Roaming\Microsoft
[2010.11.22 19:06:40 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\NCH Swift Sound
[2014.05.27 08:48:50 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\NVIDIA
[2011.11.02 17:22:40 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\PC-Mac PasswordVault 2.x
[2010.10.26 22:43:49 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\QIP
[2011.06.11 11:14:12 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\ScummVM
[2012.06.13 21:40:28 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\SendBlaster2
[2014.09.03 21:15:54 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Skype
[2011.06.27 10:35:30 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\skypePM
[2013.02.13 18:29:33 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.07.12 15:02:08 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\systweak
[2011.05.17 18:41:18 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\TS3Client
[2014.09.08 22:23:10 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\uTorrent
[2014.09.08 21:23:49 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\vlc
[2011.05.13 00:02:12 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Winamp
[2010.10.26 20:01:59 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\WinRAR
[2012.04.05 11:04:54 | 000,000,000 | ---D | M] -- C:\Users\komik\AppData\Roaming\Xerox
< %APPDATA%\*.exe /s >
[2009.08.11 22:21:26 | 000,087,552 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 22:21:30 | 000,090,112 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 15:52:04 | 000,697,690 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 18:01:52 | 001,185,871 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Users\komik\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2014.07.30 02:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\komik\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.07.30 02:25:24 | 000,262,160 | ---- | M] (Dropbox, Inc.) -- C:\Users\komik\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.07.30 02:22:12 | 000,225,224 | ---- | M] (Dropbox, Inc.) -- C:\Users\komik\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2014.05.18 13:04:01 | 000,119,808 | R--- | M] () -- C:\Users\komik\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
[2014.07.06 22:12:13 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\uTorrent.exe
[2014.02.06 20:03:53 | 000,905,296 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\updates\3.3.2_30488.exe
[2014.04.29 20:21:06 | 001,270,352 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014.05.21 15:40:26 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014.06.17 08:48:43 | 001,267,536 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe
[2014.07.06 22:12:13 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\komik\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014.09.11 12:44:12 | 000,001,428 | ---- | M] () -- C:\Windows\Tasks\05c9666f-c29f-452c-bff9-e23080ba959a.job
[2014.09.11 17:53:13 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.09.11 12:44:17 | 000,002,750 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-1.job
[2014.09.11 12:44:27 | 000,004,478 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-11.job
[2014.09.11 12:44:16 | 000,002,092 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-2.job
[2014.09.11 12:44:23 | 000,003,452 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-4.job
[2014.09.11 12:44:23 | 000,002,428 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5.job
[2014.09.11 12:44:28 | 000,002,428 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-5_user.job
[2014.09.11 17:15:00 | 000,003,452 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-6.job
[2014.09.11 12:44:17 | 000,003,116 | ---- | M] () -- C:\Windows\Tasks\da7529be-833d-4d96-9f54-1347e91175bf-7.job
[2014.09.11 12:44:13 | 000,000,612 | ---- | M] () -- C:\Windows\Tasks\fa2f651c-4632-4369-99d7-d5e88d0dd21e.job
[2014.09.11 12:44:17 | 000,000,880 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
[2014.09.11 00:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
[2014.09.11 12:44:21 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.09.11 17:18:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AlcoholAutomount" = "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount -- [2009.11.15 11:42:00 | 000,033,120 | ---- | M] (Alcohol Soft Development Team)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.06.20 21:39:54 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=CD900EFB4F8946A2BB1950D9F45915C2 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.08.30 04:49:43 | 000,852,808 | ---- | M] (Google Inc.) MD5=0706DDBD4EA0D122CA069FF2552E20FD -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.09.11 17:20:38 | 000,000,512 | ---- | M] () MD5=F95148FF7599D98F479D8AC22F783E13 -- C:\PhysicalMBR.bin
< >
< *kms* /s >
[2009.07.26 20:39:17 | 000,002,560 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_6d1856e91edfe880\KMSVC.DLL.MUI
[2009.07.14 04:26:46 | 000,002,560 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b06ea24505da44de\KMSVC.DLL.MUI
[2010.11.20 15:26:42 | 000,090,624 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..ssprotection-hkmsvc_31bf3856ad364e35_6.1.7601.17514_none_70367407ace652fb\KMSVC.DLL
[2009.07.26 20:38:22 | 000,001,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_6d1856e91edfe880.manifest
[2009.07.14 04:44:48 | 000,001,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b06ea24505da44de.manifest
[2010.11.20 07:13:16 | 000,008,711 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-n..ssprotection-hkmsvc_31bf3856ad364e35_6.1.7601.17514_none_70367407ace652fb.manifest
< *crack* /s >
[2012.05.14 10:24:59 | 000,016,814 | ---- | M] () -- \Users\komik\AppData\Roaming\uTorrent\Avast! Internet Security 7.0.1426 till 2050 Incl Crack @ Only By THE RAIN.torrent
[2012.06.05 10:50:21 | 000,002,250 | ---- | M] () -- \Users\komik\AppData\Roaming\uTorrent\Quick-PDF PDF To Word Converter 2.2 + Crack-[HB].torrent
[2010.10.26 19:51:55 | 000,001,722 | ---- | M] () -- \Users\komik\AppData\Roaming\uTorrent\WinRAR v3.90 Final + Crack (CLEAN) [h33t] - CaZoR.torrent
< *keygen* /s >
[2010.10.30 20:20:42 | 000,003,185 | ---- | M] () -- \Users\komik\AppData\Roaming\uTorrent\BS Player Pro v2.12.942 Pro + Keygen.exe.torrent
< *loader* /s >
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.04.21 21:44:16 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2001.01.16 07:55:36 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 05:22:34 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\COLOADER.TLB
[2010.03.15 14:20:28 | 000,010,781 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2010.03.15 14:20:34 | 000,003,492 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\widget\langloader.kc
[2010.03.15 14:20:34 | 000,013,453 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\widget\layoutloader.kc
[2010.02.05 01:34:54 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2010.02.05 01:34:54 | 000,003,486 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2010.02.05 01:34:54 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2014.09.09 18:15:49 | 001,105,792 | ---- | M] () -- \Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe
[2014.07.06 21:37:21 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.07.06 21:37:21 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2010.03.15 11:27:18 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2014.09.04 09:53:14 | 000,000,696 | ---- | M] () -- \Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.7.14_0\images\loader.gif
[2014.08.13 13:14:30 | 000,009,418 | ---- | M] () -- \Users\komik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\img\gifloader.gif
[2014.08.12 21:50:36 | 000,018,544 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\010FXSIE\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014.06.01 20:06:13 | 000,001,980 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\010FXSIE\AdLoader[2].htm
[2014.02.26 21:31:20 | 000,001,870 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\AdLoader[1].htm
[2014.04.02 21:03:46 | 000,001,870 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\AdLoader[2].htm
[2014.06.08 20:16:57 | 000,001,980 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\AdLoader[3].htm
[2014.06.01 20:05:04 | 000,001,980 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\AdLoader[4].htm
[2014.04.16 13:45:09 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\downloaderror[1].js
[2014.04.16 13:45:09 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\downloader[1].js
[2014.04.28 10:50:13 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8PG4QEKS\downloader[2].js
[2014.02.26 21:31:20 | 000,111,819 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ACQO5I6\AdLoader-725aebe4743338ea770018ce780c157b.min[1].js
[2014.08.12 21:50:36 | 000,001,980 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ACQO5I6\AdLoader[1].htm
[2014.01.30 15:10:59 | 000,111,438 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2013.10.29 18:42:55 | 000,110,751 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\AdLoader-d40a84753bed078348a772ed17f771c5.min[1].js
[2014.01.30 15:10:59 | 000,001,537 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\AdLoader[1].htm
[2014.01.30 15:42:22 | 000,001,537 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\AdLoader[2].htm
[2013.04.30 13:29:33 | 000,003,784 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\bundleloader[1].js
[2013.05.15 19:59:33 | 000,003,784 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\bundleloader[2].js
[2013.09.29 19:54:13 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\downloaderror[1].js
[2013.09.29 19:54:13 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1MTHJ8R\downloader[1].js
[2013.11.04 20:42:22 | 000,110,642 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\AdLoader-05424a4ab7d836fbf1bc3b5c2b3458f1.min[1].js
[2013.03.07 15:34:37 | 000,105,903 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.06.04 20:14:49 | 000,109,448 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013.07.13 13:32:41 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\downloaderror[1].js
[2013.11.14 17:20:32 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\downloaderror[2].js
[2013.07.13 13:32:41 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\downloader[1].js
[2013.11.14 17:20:32 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM4IBJGT\downloader[2].js
[2014.06.01 20:05:04 | 000,017,912 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFTCP6JF\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.03.04 22:42:19 | 000,112,122 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFTCP6JF\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014.03.04 22:42:19 | 000,001,870 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFTCP6JF\AdLoader[1].htm
[2014.07.11 20:45:52 | 000,001,980 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFTCP6JF\AdLoader[2].htm
[2014.04.28 10:50:13 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFTCP6JF\downloaderror[1].js
[2013.08.01 18:10:11 | 000,109,505 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\AdLoader-3ce32d357de39fd9427f374be93bd0ac.min[1].js
[2013.12.20 21:23:52 | 000,110,991 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\AdLoader-7b857a7be889bd57f92da60a9b6146bb.min[1].js
[2014.01.30 15:42:22 | 000,111,438 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2013.04.20 15:52:11 | 000,003,784 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\bundleloader[1].js
[2013.04.20 15:52:13 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloaderror[1].js
[2013.04.30 13:29:37 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloaderror[2].js
[2013.05.15 19:59:36 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloaderror[3].js
[2014.01.20 15:51:31 | 000,000,723 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloaderror[4].js
[2013.04.20 15:52:13 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloader[1].js
[2013.04.30 13:29:37 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloader[2].js
[2013.05.15 19:59:36 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloader[3].js
[2014.01.20 15:51:31 | 000,001,174 | ---- | M] () -- \Users\komik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNCOUOZ\downloader[4].js
[2014.07.01 11:46:16 | 000,072,638 | ---- | M] () -- \Users\komik\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.01 11:46:16 | 000,003,032 | ---- | M] () -- \Users\komik\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.01 11:46:16 | 000,006,012 | ---- | M] () -- \Users\komik\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.01 11:46:16 | 000,021,956 | ---- | M] () -- \Users\komik\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.01 11:46:16 | 000,009,772 | ---- | M] () -- \Users\komik\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2011.05.12 22:36:18 | 000,014,893 | ---- | M] () -- \Users\komik\AppData\Roaming\uTorrent\Snabba.Cash.2010.SWEDiSH.DVDRiP.XviD-DVD-Uploader.torrent
[2014.09.11 00:15:00 | 000,018,354 | ---- | M] () -- \Windows\Prefetch\SAVEPASS 1.1-CODEDOWNLOADER.E-73676C10.pf
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.26 20:40:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.26 20:40:31 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.26 20:40:31 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.26 20:40:31 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.26 20:40:31 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 07:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 07:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 07:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 07:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 07:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011.04.15 00:53:20 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.15 00:53:20 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.15 00:53:20 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.15 00:53:20 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.15 00:53:20 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.26 20:38:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:A0CB5C3C
< End of report >
Re: SavePass
Extras.Txt:
OTL Extras logfile created on: 11.9.2014 17:17:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\komik\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,87 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 49,44% Memory free
7,73 Gb Paging File | 5,37 Gb Available in Paging File | 69,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 49,03 Gb Free Space | 50,26% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 11,26 Gb Free Space | 3,06% Space Free | Partition Type: NTFS
Drive F: | 610,76 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KOMIK-PC | User Name: komik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{020ACD1B-26A7-491C-B839-CB8C0F11FC37}" = rport=445 | protocol=6 | dir=out | app=system |
"{0212CB8D-77BF-4A07-86FC-785AE886FB7C}" = rport=137 | protocol=17 | dir=out | app=system |
"{0C011FDD-3ACA-408B-825F-698D98995B5E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1CBD6C33-C760-43B5-A12E-BDE7C9B39DBA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{206B337D-C75E-4CB6-B4C3-7957199A68F1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2480F574-118D-4826-8EF5-C6597971E965}" = rport=138 | protocol=17 | dir=out | app=system |
"{2FD68305-569D-4EDE-AA1B-4D03440F3A19}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{32F5D75A-E141-4AA9-B80D-13F80140981B}" = lport=139 | protocol=6 | dir=in | app=system |
"{3FEE8856-A2D3-42B3-96D5-CF8616C8DF84}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4151B3AF-8439-47AE-AC1E-5289E4EEA1C5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4AF81CC9-0957-43AC-8277-E42DB0D23142}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4CB75FB0-80A9-45A3-A366-D92457CE4E88}" = rport=139 | protocol=6 | dir=out | app=system |
"{4DE92B83-AFE7-49F7-963E-6E7DEC9A0C31}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4FF61718-B4A2-4CCD-A779-131ED70589A4}" = lport=445 | protocol=6 | dir=in | app=system |
"{500587BC-87C0-47C8-BFEA-77563A247D14}" = rport=10243 | protocol=6 | dir=out | app=system |
"{69B3B5D6-7F47-4694-94A5-0BF67D09960C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{77D439C9-7082-4246-8041-B785AB0F9E5F}" = lport=137 | protocol=17 | dir=in | app=system |
"{99B14609-154C-4B3B-9B1A-6E1D0F3536D7}" = lport=138 | protocol=17 | dir=in | app=system |
"{9DB2CB01-0011-4C42-98C5-92B32A7E8CE1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ED410BB6-09D6-4190-B76F-876493F4FC16}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FB8AF6C6-60D9-449B-A8F7-4B46968FBAD9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FFB25948-5BC1-457B-AA9F-1A7BAB4EC078}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028E9F79-0ECD-408E-AA92-50CB939BBF05}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{07CFE6C7-E22C-4648-A3A3-FBA5E4D568FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0AB9C545-D1F4-45A3-B98D-100C3704F4E3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0AEFBBD3-CD8C-4F2B-B239-6E6C286C45A4}" = protocol=6 | dir=in | app=d:\download\call.of.duty.4\call of duty 4 - modern warfare\iw3mp.exe |
"{0B05D799-30F4-4E1D-AF85-002D29C89F6F}" = protocol=17 | dir=in | app=c:\users\komik\appdata\roaming\utorrent\utorrent.exe |
"{18EAEEF7-F590-4517-8C4A-E096C1718508}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1E683754-C87B-497F-91DA-842E9A14F639}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2DB767EA-9E13-46BA-973B-C34AAB0E01E3}" = protocol=17 | dir=in | app=c:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe |
"{2F17C98E-27DD-42BE-B78D-ADFE5C54BD8C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2FCC2C66-0007-4114-B527-98AE73A5B2A3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{373B9F9A-DC6E-466D-BCE3-586ADFD51F48}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{38996D76-03D7-4B2E-85BA-D964D56D7E73}" = protocol=6 | dir=in | app=c:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe |
"{55BC1DFA-3CC4-429F-BD1D-16876B472629}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{5DF2A5C4-8135-4422-A499-052B3713497C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{642A1E5C-8500-4EE3-AAC2-4E8303188262}" = protocol=6 | dir=out | app=system |
"{6506EB89-B21C-4181-A79D-48B14F25BAA6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{71CBDBA1-B4F7-42A7-B1F6-B72186974CAC}" = protocol=6 | dir=in | app=c:\users\komik\appdata\roaming\utorrent\utorrent.exe |
"{720C4E08-ABA8-4050-9836-204A31453993}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{782CD160-B5E8-49AC-BD7D-EF65EE8FE40D}" = protocol=6 | dir=in | app=c:\users\komik\appdata\roaming\utorrent\utorrent.exe |
"{788E3728-8AD4-4909-A025-4B966CFF0B7C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{829F9915-552B-424A-BE91-8E8127EE26C8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E0AA5CA-24EB-4A79-B78C-5B27C6F1C10F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{942C8733-464C-47BE-A0A8-CB564422378F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{977A9AB6-75CE-4FA2-B1D6-B316DBD20A77}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A6D6C0EF-547A-4DFE-B545-05604B465DF6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B51AD2A9-3B6B-4815-8520-391FED770104}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C051C6AD-712A-4262-B368-25191F991BE8}" = protocol=17 | dir=in | app=d:\download\call.of.duty.4\call of duty 4 - modern warfare\iw3mp.exe |
"{C3A7CDB3-2434-445B-A7E4-E4536F4D8BDD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C50A6A6F-265F-4E87-93D2-0CCE7C5C45C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C6902246-796E-4269-B1BC-DAD8CB9EA37A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd9.exe |
"{CB0B420D-DFFC-4F6B-B9A6-D3A7EF79F9F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2BD9CB4-59DA-4754-B4A0-8381FFF289D2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E403F9B4-C9E3-4A38-A15C-B9A00113FDF4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ED227E3D-682A-4F48-9182-767B60A62C78}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE32B59B-4985-428E-AEB3-6B7CAEF0A575}" = protocol=17 | dir=in | app=c:\users\komik\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{241EB4BC-90D0-45CC-915C-2769FA64CAAE}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{59C75FBF-F16D-484D-BDF9-966B00E92346}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{6C35FA5F-F81B-4847-8DD5-5F3D2A0F6748}D:\hry\gta2\gta2.exe" = protocol=6 | dir=in | app=d:\hry\gta2\gta2.exe |
"TCP Query User{8F295AFD-C428-48B2-82D0-835A9DCC54F1}C:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{98792A2D-B74A-4688-BC8D-3893B3EC6510}D:\hry\quake3\quake3.exe" = protocol=6 | dir=in | app=d:\hry\quake3\quake3.exe |
"TCP Query User{A57B68F2-BEC5-42B2-8B29-B29A166D370A}D:\hry\serious sam\bin\serioussam.exe" = protocol=6 | dir=in | app=d:\hry\serious sam\bin\serioussam.exe |
"TCP Query User{AA175256-D35B-4AEC-9DB0-146E394B7D66}D:\hry\quake 3 arena\quake3\quake3.exe" = protocol=6 | dir=in | app=d:\hry\quake 3 arena\quake3\quake3.exe |
"TCP Query User{C5F5B21D-EE1E-41E4-8B3F-D9C10E0FCC88}C:\program files (x86)\qip infium\infium.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip infium\infium.exe |
"TCP Query User{E25A724B-ABCC-4486-A366-4AA3A8B698B8}C:\program files (x86)\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip\qip.exe |
"TCP Query User{FE4A8BB8-5F0E-4D75-B924-8A3ADCA1E1F2}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{00AEE769-FA5C-46FD-8126-9AB6DA1FA619}D:\hry\gta2\gta2.exe" = protocol=17 | dir=in | app=d:\hry\gta2\gta2.exe |
"UDP Query User{6C016B5B-487B-40AA-906C-43C189684991}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{92115FA5-EFC2-4813-8B22-3AFAD7C9C0B5}D:\hry\quake 3 arena\quake3\quake3.exe" = protocol=17 | dir=in | app=d:\hry\quake 3 arena\quake3\quake3.exe |
"UDP Query User{A635F51B-0DB1-4338-BCE7-AB33448FC810}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{AB828BAB-FB1E-4615-A8A9-181A744A48F4}C:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{B1A002C8-96BC-4544-A56A-6F897666A364}C:\program files (x86)\qip infium\infium.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip infium\infium.exe |
"UDP Query User{C8853B1E-649D-4FCA-9B37-0B2061D2D411}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{CDAB31CC-8A4E-4E52-9014-B5E39C878BF4}D:\hry\serious sam\bin\serioussam.exe" = protocol=17 | dir=in | app=d:\hry\serious sam\bin\serioussam.exe |
"UDP Query User{DED9BFDB-850A-4064-B35B-774FA8597C54}D:\hry\quake3\quake3.exe" = protocol=17 | dir=in | app=d:\hry\quake3\quake3.exe |
"UDP Query User{F808A8FA-D0D5-4B87-B2E8-0A66303D1EDF}C:\program files (x86)\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip\qip.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.3.2014 10:42:37 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_skypenotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 28.3.2014 12:04:34 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_messengernotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 28.3.2014 12:04:35 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_skypenotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.3.2014 5:19:19 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_messengernotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.3.2014 5:19:19 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_skypenotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.3.2014 8:27:40 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_messengernotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.3.2014 8:27:40 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_skypenotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 1.4.2014 6:01:18 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_messengernotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 1.4.2014 6:01:19 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_skypenotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 1.4.2014 8:06:12 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_messengernotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
[ System Events ]
Error - 19.5.2014 9:37:00 | Computer Name = komik-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 19.5.2014 9:37:00 | Computer Name = komik-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 19.5.2014 9:37:01 | Computer Name = komik-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 19.5.2014 10:19:58 | Computer Name = komik-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (16:12:47, ?19.?5.?2014) bylo neočekávané.
Error - 21.5.2014 2:18:30 | Computer Name = komik-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 27.5.2014 17:31:47 | Computer Name = komik-PC | Source = DCOM | ID = 10010
Description =
Error - 6.6.2014 16:35:22 | Computer Name = komik-PC | Source = DCOM | ID = 10010
Description =
Error - 8.7.2014 16:03:20 | Computer Name = komik-PC | Source = DCOM | ID = 10010
Description =
Error - 24.7.2014 16:06:34 | Computer Name = komik-PC | Source = Service Control Manager | ID = 7043
Description = Služba Klient zásad skupiny se po přijetí pokynu pro vypnutí neukončila
správně.
Error - 12.8.2014 15:52:42 | Computer Name = komik-PC | Source = Service Control Manager | ID = 7034
Description = Služba Skype Updater byla neočekávaně ukončena. Tento stav nastal
již 1krát.
< End of report >
OTL Extras logfile created on: 11.9.2014 17:17:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\komik\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,87 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 49,44% Memory free
7,73 Gb Paging File | 5,37 Gb Available in Paging File | 69,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 49,03 Gb Free Space | 50,26% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 11,26 Gb Free Space | 3,06% Space Free | Partition Type: NTFS
Drive F: | 610,76 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KOMIK-PC | User Name: komik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{020ACD1B-26A7-491C-B839-CB8C0F11FC37}" = rport=445 | protocol=6 | dir=out | app=system |
"{0212CB8D-77BF-4A07-86FC-785AE886FB7C}" = rport=137 | protocol=17 | dir=out | app=system |
"{0C011FDD-3ACA-408B-825F-698D98995B5E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1CBD6C33-C760-43B5-A12E-BDE7C9B39DBA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{206B337D-C75E-4CB6-B4C3-7957199A68F1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2480F574-118D-4826-8EF5-C6597971E965}" = rport=138 | protocol=17 | dir=out | app=system |
"{2FD68305-569D-4EDE-AA1B-4D03440F3A19}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{32F5D75A-E141-4AA9-B80D-13F80140981B}" = lport=139 | protocol=6 | dir=in | app=system |
"{3FEE8856-A2D3-42B3-96D5-CF8616C8DF84}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4151B3AF-8439-47AE-AC1E-5289E4EEA1C5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4AF81CC9-0957-43AC-8277-E42DB0D23142}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4CB75FB0-80A9-45A3-A366-D92457CE4E88}" = rport=139 | protocol=6 | dir=out | app=system |
"{4DE92B83-AFE7-49F7-963E-6E7DEC9A0C31}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4FF61718-B4A2-4CCD-A779-131ED70589A4}" = lport=445 | protocol=6 | dir=in | app=system |
"{500587BC-87C0-47C8-BFEA-77563A247D14}" = rport=10243 | protocol=6 | dir=out | app=system |
"{69B3B5D6-7F47-4694-94A5-0BF67D09960C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{77D439C9-7082-4246-8041-B785AB0F9E5F}" = lport=137 | protocol=17 | dir=in | app=system |
"{99B14609-154C-4B3B-9B1A-6E1D0F3536D7}" = lport=138 | protocol=17 | dir=in | app=system |
"{9DB2CB01-0011-4C42-98C5-92B32A7E8CE1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ED410BB6-09D6-4190-B76F-876493F4FC16}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FB8AF6C6-60D9-449B-A8F7-4B46968FBAD9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FFB25948-5BC1-457B-AA9F-1A7BAB4EC078}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028E9F79-0ECD-408E-AA92-50CB939BBF05}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{07CFE6C7-E22C-4648-A3A3-FBA5E4D568FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0AB9C545-D1F4-45A3-B98D-100C3704F4E3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0AEFBBD3-CD8C-4F2B-B239-6E6C286C45A4}" = protocol=6 | dir=in | app=d:\download\call.of.duty.4\call of duty 4 - modern warfare\iw3mp.exe |
"{0B05D799-30F4-4E1D-AF85-002D29C89F6F}" = protocol=17 | dir=in | app=c:\users\komik\appdata\roaming\utorrent\utorrent.exe |
"{18EAEEF7-F590-4517-8C4A-E096C1718508}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1E683754-C87B-497F-91DA-842E9A14F639}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2DB767EA-9E13-46BA-973B-C34AAB0E01E3}" = protocol=17 | dir=in | app=c:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe |
"{2F17C98E-27DD-42BE-B78D-ADFE5C54BD8C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2FCC2C66-0007-4114-B527-98AE73A5B2A3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{373B9F9A-DC6E-466D-BCE3-586ADFD51F48}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{38996D76-03D7-4B2E-85BA-D964D56D7E73}" = protocol=6 | dir=in | app=c:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe |
"{55BC1DFA-3CC4-429F-BD1D-16876B472629}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{5DF2A5C4-8135-4422-A499-052B3713497C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{642A1E5C-8500-4EE3-AAC2-4E8303188262}" = protocol=6 | dir=out | app=system |
"{6506EB89-B21C-4181-A79D-48B14F25BAA6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{71CBDBA1-B4F7-42A7-B1F6-B72186974CAC}" = protocol=6 | dir=in | app=c:\users\komik\appdata\roaming\utorrent\utorrent.exe |
"{720C4E08-ABA8-4050-9836-204A31453993}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{782CD160-B5E8-49AC-BD7D-EF65EE8FE40D}" = protocol=6 | dir=in | app=c:\users\komik\appdata\roaming\utorrent\utorrent.exe |
"{788E3728-8AD4-4909-A025-4B966CFF0B7C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{829F9915-552B-424A-BE91-8E8127EE26C8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E0AA5CA-24EB-4A79-B78C-5B27C6F1C10F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{942C8733-464C-47BE-A0A8-CB564422378F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{977A9AB6-75CE-4FA2-B1D6-B316DBD20A77}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A6D6C0EF-547A-4DFE-B545-05604B465DF6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B51AD2A9-3B6B-4815-8520-391FED770104}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C051C6AD-712A-4262-B368-25191F991BE8}" = protocol=17 | dir=in | app=d:\download\call.of.duty.4\call of duty 4 - modern warfare\iw3mp.exe |
"{C3A7CDB3-2434-445B-A7E4-E4536F4D8BDD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C50A6A6F-265F-4E87-93D2-0CCE7C5C45C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C6902246-796E-4269-B1BC-DAD8CB9EA37A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd9.exe |
"{CB0B420D-DFFC-4F6B-B9A6-D3A7EF79F9F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2BD9CB4-59DA-4754-B4A0-8381FFF289D2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E403F9B4-C9E3-4A38-A15C-B9A00113FDF4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ED227E3D-682A-4F48-9182-767B60A62C78}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE32B59B-4985-428E-AEB3-6B7CAEF0A575}" = protocol=17 | dir=in | app=c:\users\komik\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{241EB4BC-90D0-45CC-915C-2769FA64CAAE}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{59C75FBF-F16D-484D-BDF9-966B00E92346}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{6C35FA5F-F81B-4847-8DD5-5F3D2A0F6748}D:\hry\gta2\gta2.exe" = protocol=6 | dir=in | app=d:\hry\gta2\gta2.exe |
"TCP Query User{8F295AFD-C428-48B2-82D0-835A9DCC54F1}C:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{98792A2D-B74A-4688-BC8D-3893B3EC6510}D:\hry\quake3\quake3.exe" = protocol=6 | dir=in | app=d:\hry\quake3\quake3.exe |
"TCP Query User{A57B68F2-BEC5-42B2-8B29-B29A166D370A}D:\hry\serious sam\bin\serioussam.exe" = protocol=6 | dir=in | app=d:\hry\serious sam\bin\serioussam.exe |
"TCP Query User{AA175256-D35B-4AEC-9DB0-146E394B7D66}D:\hry\quake 3 arena\quake3\quake3.exe" = protocol=6 | dir=in | app=d:\hry\quake 3 arena\quake3\quake3.exe |
"TCP Query User{C5F5B21D-EE1E-41E4-8B3F-D9C10E0FCC88}C:\program files (x86)\qip infium\infium.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip infium\infium.exe |
"TCP Query User{E25A724B-ABCC-4486-A366-4AA3A8B698B8}C:\program files (x86)\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip\qip.exe |
"TCP Query User{FE4A8BB8-5F0E-4D75-B924-8A3ADCA1E1F2}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{00AEE769-FA5C-46FD-8126-9AB6DA1FA619}D:\hry\gta2\gta2.exe" = protocol=17 | dir=in | app=d:\hry\gta2\gta2.exe |
"UDP Query User{6C016B5B-487B-40AA-906C-43C189684991}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{92115FA5-EFC2-4813-8B22-3AFAD7C9C0B5}D:\hry\quake 3 arena\quake3\quake3.exe" = protocol=17 | dir=in | app=d:\hry\quake 3 arena\quake3\quake3.exe |
"UDP Query User{A635F51B-0DB1-4338-BCE7-AB33448FC810}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{AB828BAB-FB1E-4615-A8A9-181A744A48F4}C:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\komik\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{B1A002C8-96BC-4544-A56A-6F897666A364}C:\program files (x86)\qip infium\infium.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip infium\infium.exe |
"UDP Query User{C8853B1E-649D-4FCA-9B37-0B2061D2D411}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{CDAB31CC-8A4E-4E52-9014-B5E39C878BF4}D:\hry\serious sam\bin\serioussam.exe" = protocol=17 | dir=in | app=d:\hry\serious sam\bin\serioussam.exe |
"UDP Query User{DED9BFDB-850A-4064-B35B-774FA8597C54}D:\hry\quake3\quake3.exe" = protocol=17 | dir=in | app=d:\hry\quake3\quake3.exe |
"UDP Query User{F808A8FA-D0D5-4B87-B2E8-0A66303D1EDF}C:\program files (x86)\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip\qip.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-602876395-1928980917-1894684931-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.3.2014 10:42:37 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_skypenotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 28.3.2014 12:04:34 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_messengernotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 28.3.2014 12:04:35 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_skypenotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.3.2014 5:19:19 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_messengernotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.3.2014 5:19:19 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_skypenotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.3.2014 8:27:40 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_messengernotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 30.3.2014 8:27:40 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_skypenotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 1.4.2014 6:01:18 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_messengernotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 1.4.2014 6:01:19 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_skypenotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 1.4.2014 8:06:12 | Computer Name = komik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\Last.fm\ext_messengernotify.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
[ System Events ]
Error - 19.5.2014 9:37:00 | Computer Name = komik-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 19.5.2014 9:37:00 | Computer Name = komik-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 19.5.2014 9:37:01 | Computer Name = komik-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 19.5.2014 10:19:58 | Computer Name = komik-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (16:12:47, ?19.?5.?2014) bylo neočekávané.
Error - 21.5.2014 2:18:30 | Computer Name = komik-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 27.5.2014 17:31:47 | Computer Name = komik-PC | Source = DCOM | ID = 10010
Description =
Error - 6.6.2014 16:35:22 | Computer Name = komik-PC | Source = DCOM | ID = 10010
Description =
Error - 8.7.2014 16:03:20 | Computer Name = komik-PC | Source = DCOM | ID = 10010
Description =
Error - 24.7.2014 16:06:34 | Computer Name = komik-PC | Source = Service Control Manager | ID = 7043
Description = Služba Klient zásad skupiny se po přijetí pokynu pro vypnutí neukončila
správně.
Error - 12.8.2014 15:52:42 | Computer Name = komik-PC | Source = Service Control Manager | ID = 7034
Description = Služba Skype Updater byla neočekávaně ukončena. Tento stav nastal
již 1krát.
< End of report >
Re: SavePass
Divite se, ze to mate zavirovane kdyz pouzivate cracknuty antivir 
A samotne windows mate legalni = zakoupena licence 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: SavePass
Toho antiviru si nejsem vědom, snažím se právě používat free verze. Windows by měli být legální, mám na zadní straně tu certifikační nálepku. 
Re: SavePass
Na stitku je Windows Ultimate 64bit?? Tak tohle asi free nebude Avast! Internet Security 7.0.1426 till 2050 Incl Crack @ Only By THE RAIN "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: SavePass
Aj... Na štítku je Home Premium. S tím antivirem opravdu nevím, před nějakým časem mi počítač dával dohromady syn. Je to problém?
Re: SavePass
Tak byste mel synovi jaksi vysvetlit, co je to autorsky zakon, porusovani licence a tim pachani trestneho cinu, ze ktereho Vam jaksi mohou nastat velke neprijemnosti Syn Vas defakto asi bezduvodne pripravil o Vami zaplacenou licenci a dal Vam tam nelegalni - rizika vizte vyse. A s antivirem je to totez, vy vite ze se da nainstalovat Avast Free, ale syn vam dal dal asi ten cracknuty. Rizika opet stejna.Nase forum se vsak PC s nelegalnimi systemy\bezpecnostni SW nezabyva - bylo by to proti nasemu zamereni a charte mezinarodni aliance ASAP jejiz jsme cleny. Takze bohuzel nemohu pomoci...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: SavePass
Ok, děkuji za Váš čas.
Re: SavePass
Neni zac, doporucuji nainstalovat windows Home premium a pouzit seriove cislo z nalepky...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?
