VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu.

https://forum.viry.cz:443/viewtopic.php?t=121286

Stránka 2 z 2

Re: Prosím o kontrolu logu.

Napsal: 28 dub 2012 06:48
od dopa
a log OTL:


OTL logfile created on: 27.4.2012 21:06:20 - Run 1
OTL by OldTimer - Version 3.2.42.1 Folder = C:\Users\Dopa\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,75 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,35% Memory free
7,49 Gb Paging File | 4,70 Gb Available in Paging File | 62,71% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283,40 Gb Total Space | 6,19 Gb Free Space | 2,18% Space Free | Partition Type: NTFS
Drive D: | 1,33 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: DOPA-DELL | User Name: Dopa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.04.27 21:04:42 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Dopa\Downloads\OTL.exe
PRC - [2012.04.27 08:49:39 | 001,280,512 | ---- | M] () -- C:\Users\Dopa\Downloads\RogueKiller.exe
PRC - [2012.04.26 23:13:58 | 027,264,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\Dopa\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.04.04 07:05:16 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.03.30 16:00:44 | 000,161,336 | ---- | M] (Google) -- C:\Users\Dopa\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2012.03.07 16:25:54 | 003,975,088 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2012.01.19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.01.04 13:32:10 | 000,126,504 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2012.01.04 13:32:06 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.08.01 10:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.5\ICQ.exe
PRC - [2010.12.17 07:56:10 | 003,707,808 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2010.09.02 17:49:40 | 002,536,752 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
PRC - [2010.08.12 15:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010.04.29 16:57:24 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007.12.06 22:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2006.03.01 03:10:18 | 000,069,632 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\Windows\SysWOW64\Crypserv.exe


========== Modules (No Company Name) ==========

MOD - [2012.04.12 09:37:34 | 000,444,400 | ---- | M] () -- C:\Users\Dopa\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll
MOD - [2012.04.12 09:37:33 | 003,915,248 | ---- | M] () -- C:\Users\Dopa\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
MOD - [2012.04.12 09:36:18 | 000,544,240 | ---- | M] () -- C:\Users\Dopa\AppData\Local\Google\Chrome\Application\18.0.1025.162\libglesv2.dll
MOD - [2012.04.12 09:36:17 | 000,117,744 | ---- | M] () -- C:\Users\Dopa\AppData\Local\Google\Chrome\Application\18.0.1025.162\libegl.dll
MOD - [2012.04.12 09:36:08 | 000,122,880 | ---- | M] () -- C:\Users\Dopa\AppData\Local\Google\Chrome\Application\18.0.1025.162\avutil-51.dll
MOD - [2012.04.12 09:36:06 | 000,220,672 | ---- | M] () -- C:\Users\Dopa\AppData\Local\Google\Chrome\Application\18.0.1025.162\avformat-53.dll
MOD - [2012.04.12 09:36:05 | 001,747,456 | ---- | M] () -- C:\Users\Dopa\AppData\Local\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll
MOD - [2012.04.12 08:51:55 | 008,743,584 | ---- | M] () -- C:\Users\Dopa\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
MOD - [2010.12.17 07:56:10 | 000,123,536 | ---- | M] () -- C:\totalcmd\WCMZIP32.DLL
MOD - [2010.12.17 07:56:10 | 000,120,184 | ---- | M] () -- C:\totalcmd\TCUNZLIB.DLL
MOD - [2008.08.08 07:24:14 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\Office\PDFMOfficeAddIn.CZE


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012.02.14 23:31:16 | 002,169,056 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\UltraVNC\winvnc.exe -- (uvnc_service)
SRV:64bit: - [2012.01.29 19:33:50 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011.09.08 19:29:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.09.08 14:42:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.05.01 17:43:07 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2010.08.12 15:18:40 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010.08.12 15:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.04.29 16:57:24 | 000,944,928 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.11.17 12:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2008.05.08 01:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\windows\SysNative\Crypserv.exe -- (Crypkey License)
SRV - [2012.04.13 22:32:11 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.03.07 16:25:54 | 003,975,088 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.01.19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.08.02 11:47:14 | 000,159,232 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe -- (CDMA Device Service)
SRV - [2010.11.06 08:37:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.09.23 17:03:46 | 001,079,376 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.10.15 18:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe -- (WinVNC4)
SRV - [2007.12.06 22:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006.03.01 03:10:18 | 000,069,632 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\windows\SysWow64\Crypserv.exe -- (Crypkey License)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.03.07 16:25:55 | 000,279,136 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012.03.07 16:25:50 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV:64bit: - [2012.03.07 16:25:46 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012.03.07 16:25:34 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.10.27 03:25:54 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2011.10.27 03:25:54 | 000,095,928 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2011.10.27 03:25:42 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.10.27 03:25:42 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011.10.27 03:25:42 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011.10.03 16:41:58 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2011.09.08 20:27:22 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.09.08 18:52:40 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.06.24 07:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011.05.01 17:43:07 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2011.05.01 17:43:00 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.25 06:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.20 11:39:34 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010.07.29 14:31:26 | 000,168,544 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.07.29 14:31:26 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.07.29 14:31:26 | 000,126,320 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.07.15 11:03:02 | 000,030,720 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kvnet.sys -- (kvnet)
DRV:64bit: - [2010.05.07 05:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.04.29 19:01:24 | 000,340,520 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.04.29 19:00:36 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.04.29 19:00:34 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.04.29 19:00:34 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.04.29 19:00:32 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.04.19 11:30:28 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.04.15 13:26:28 | 000,319,536 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.04.06 18:33:10 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs)
DRV:64bit: - [2010.04.06 18:32:48 | 000,027,016 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:64bit: - [2010.04.06 18:32:46 | 000,023,944 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:64bit: - [2010.03.09 00:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.22 03:18:48 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.08.06 18:35:34 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2009.08.05 21:37:04 | 000,046,792 | ---- | M] (GBM Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GRemoteJoy64.sys -- (GRemoteJoy)
DRV:64bit: - [2009.08.05 21:37:04 | 000,027,336 | ---- | M] (GBM Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GRemoteBus64.sys -- (GRemoteBus)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.14 02:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan)
DRV:64bit: - [2009.06.15 20:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 21:53:42 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.05.05 04:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.02.24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.06.27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008.03.17 19:12:26 | 000,028,664 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Ckldrv.sys -- (NetworkX)
DRV:64bit: - [2006.11.01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010.04.19 11:30:28 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009.02.07 02:05:06 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2008.08.14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2006.01.10 04:47:27 | 000,031,846 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\Ckldrv.sys -- (NetworkX)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://b2b.fast.eu:666/scripts/wgate/z ... anguage=CS
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {264F2642-161B-4614-A1FF-3B844464FCF6}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\..\SearchScopes\{264F2642-161B-4614-A1FF-3B844464FCF6}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:80

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: dwnlink@rapidzasms.cz:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {f701c26a-479a-4724-b4f1-870db12f063c}:1.4.4
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="
FF - prefs.js..network.proxy.backup.ftp: "193.68.154.193"
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.gopher: "193.68.154.193"
FF - prefs.js..network.proxy.backup.gopher_port: 80
FF - prefs.js..network.proxy.backup.socks: "193.68.154.193"
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "193.68.154.193"
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp: "91.200.132.1"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "91.200.132.1"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "91.200.132.1"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "91.200.132.1"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "91.200.132.1"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Dopa\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Dopa\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dopa\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dopa\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.11.24 17:03:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.06 12:53:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.22 18:20:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.11.04 16:17:46 | 000,000,000 | ---D | M]

[2011.06.21 12:57:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dopa\AppData\Roaming\Mozilla\Extensions
[2011.06.21 12:57:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dopa\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.02.03 22:41:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dopa\AppData\Roaming\Mozilla\Firefox\Profiles\d80jhzfo.default\extensions
[2012.04.24 14:44:22 | 000,000,950 | ---- | M] () -- C:\Users\Dopa\AppData\Roaming\Mozilla\Firefox\Profiles\d80jhzfo.default\searchplugins\icqplugin-1.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Dopa\AppData\Roaming\Mozilla\Firefox\Profiles\d80jhzfo.default\searchplugins\icqplugin.xml
[2012.04.27 08:57:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.04.27 08:57:24 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.02.21 12:51:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011.04.10 07:38:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2011.04.10 07:38:45 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
() (No name found) -- C:\USERS\DOPA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D80JHZFO.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2011.12.06 12:53:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.21 12:51:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.03.26 08:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2011.09.30 19:05:33 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.09.30 19:05:33 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.30 19:05:33 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.09.30 19:05:33 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.09.30 19:05:33 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Disabled) = C:\Users\Dopa\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dopa\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dopa\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: GamePlayLabs Plugin (Disabled) = C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0\npGamePlayLabsPlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Dopa\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Dopa\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - Extension: AT_Splendid = C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd\3_0\
CHR - Extension: YouTube = C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: New Tab With Clock = C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Extensions\feckadlaijbceoglkncdgebgkminbkia\1.5.2_0\
CHR - Extension: GamePlayLabs Plugin = C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0\
CHR - Extension: Bmx Pro Style = C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjggjmmbnbbjknacghdmigmgcaapheb\4.0_0\
CHR - Extension: Gmail = C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Canvas Rider = C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.7_0\

O1 HOSTS File: ([2012.04.27 20:36:31 | 000,000,843 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NSU_agent] C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKLM..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [GRemoteServer Pro] C:\Program Files (x86)\GBM\GRemote Pro\GRemoteServer.exe (GBM Software)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - Startup: C:\Users\Dopa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Dopa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: ica.cz ( https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {41C376E4-3319-47B7-BF3C-9598CC2CD107} http://192.168.0.99/classes/PTCamV.cab (PTCamV Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0595327E-7970-4419-B7B2-9759C9BD9A69}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53BA31CA-3D27-4B94-B6D9-F61F3E755273}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{565468EF-7FA3-4752-B16E-3F9981E36101}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CC18176-6884-4160-B827-4556988DCEBB}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{800B3934-4734-4784-9B5A-510018BDBCCC}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\x-excid - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\Windows\Downloaded Program Files\mimectl.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2008.08.07 14:24:02 | 000,000,083 | R--- | M] () - D:\AUTORUN.INF -- [ UDF ]
O32 - AutoRun File - [2008.08.21 19:02:58 | 000,000,000 | R--D | M] - D:\Autoplay -- [ UDF ]
O32 - AutoRun File - [2008.08.05 23:23:05 | 000,189,808 | R--- | M] (Adobe Systems Incorporated) - D:\Autoplay.exe -- [ UDF ]
O33 - MountPoints2\{1b9a4934-eeb4-11df-bdcf-88252c042c0c}\Shell - "" = AutoRun
O33 - MountPoints2\{1b9a4934-eeb4-11df-bdcf-88252c042c0c}\Shell\AutoRun\command - "" = D:\Autoplay.exe -- [2008.08.05 23:23:05 | 000,189,808 | R--- | M] (Adobe Systems Incorporated)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.04.27 08:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.04.27 08:56:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.04.27 08:50:47 | 000,000,000 | ---D | C] -- C:\Users\Dopa\Desktop\RK_Quarantine
[2012.04.26 11:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraVNC
[2012.04.26 11:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\UltraVNC
[2012.04.26 09:30:37 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.23 21:59:11 | 000,000,000 | ---D | C] -- C:\Users\Dopa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.04.23 21:50:13 | 000,000,000 | ---D | C] -- C:\Users\Dopa\AppData\Roaming\Google Chrome Backup
[2012.04.23 21:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
[2012.04.23 21:49:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google Chrome Backup
[2010.11.20 11:39:34 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Dopa\AppData\Roaming\pcouffin.sys
[2010.11.11 09:44:25 | 001,441,369 | ---- | C] (EFD Software ) -- C:\Users\Dopa\AppData\Roaming\hdtunepro_460_trial.exe
[6 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.04.27 22:55:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.27 22:46:23 | 000,000,948 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.27 22:31:40 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012.04.27 22:17:16 | 000,000,958 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3634160232-3727038034-2283995071-1001UA.job
[2012.04.27 18:20:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.04.27 15:06:58 | 001,586,006 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012.04.27 15:06:58 | 000,669,926 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2012.04.27 15:06:58 | 000,655,280 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012.04.27 15:06:58 | 000,141,526 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2012.04.27 15:06:58 | 000,122,152 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012.04.27 12:26:39 | 000,001,053 | ---- | M] () -- C:\Users\Dopa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.04.27 08:56:45 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.04.27 08:39:58 | 000,000,906 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3634160232-3727038034-2283995071-1001Core.job
[2012.04.27 07:54:31 | 000,000,944 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.26 12:34:32 | 000,022,464 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.26 12:34:32 | 000,022,464 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.26 11:42:37 | 3018,452,992 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.26 09:30:39 | 001,565,228 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012.04.25 22:29:18 | 000,249,622 | ---- | M] () -- C:\Users\Dopa\Desktop\jizdenka.pdf
[2012.04.25 21:51:03 | 000,109,055 | ---- | M] () -- C:\Users\Dopa\Desktop\bbbb.jpg
[2012.04.25 21:22:37 | 000,002,052 | -H-- | M] () -- C:\Users\Dopa\Documents\Default.rdp
[2012.04.25 20:40:29 | 000,075,877 | -H-- | M] () -- C:\treeinfo.wc
[2012.04.23 21:52:23 | 108,227,126 | ---- | M] () -- C:\chrome_User Data_23042012.gcb
[6 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]

Re: Prosím o kontrolu logu.

Napsal: 28 dub 2012 06:49
od dopa
========== Files Created - No Company Name ==========

[2012.04.27 22:55:34 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.04.27 08:56:45 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.04.25 22:29:15 | 000,249,622 | ---- | C] () -- C:\Users\Dopa\Desktop\jizdenka.pdf
[2012.04.25 21:51:02 | 000,109,055 | ---- | C] () -- C:\Users\Dopa\Desktop\bbbb.jpg
[2012.04.23 21:51:21 | 108,227,126 | ---- | C] () -- C:\chrome_User Data_23042012.gcb
[2012.02.14 12:12:18 | 000,004,332 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\Microsoft Excel 97-2003.NOT
[2012.02.02 18:31:47 | 000,142,128 | ---- | C] () -- C:\windows\wiainst64.exe
[2012.01.05 21:52:03 | 000,000,040 | ---- | C] () -- C:\windows\winDecrypt.INI
[2011.12.04 14:39:00 | 000,000,285 | ---- | C] () -- C:\windows\posta2.ini
[2011.10.23 12:32:51 | 000,000,872 | ---- | C] () -- C:\Users\Dopa\AppData\Local\SRDownloader.nast
[2011.09.22 15:27:27 | 000,037,005 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\Hodnoty oddělené čárkami (DOS).ADR
[2011.09.14 12:47:40 | 000,053,760 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll
[2011.09.12 13:18:59 | 000,031,846 | ---- | C] () -- C:\windows\SysWow64\Ckldrv.sys
[2011.09.07 08:12:35 | 000,000,004 | ---- | C] () -- C:\windows\vx86036.dat
[2011.09.07 08:11:48 | 000,000,145 | ---- | C] () -- C:\windows\Crypkey.ini
[2011.09.07 08:11:43 | 000,027,648 | R--- | C] () -- C:\windows\Setup_ck.exe
[2011.09.07 08:11:43 | 000,018,432 | ---- | C] () -- C:\windows\Setup_ck.dll
[2011.09.07 08:11:43 | 000,011,776 | ---- | C] () -- C:\windows\Ckrfresh.exe
[2011.07.26 17:26:48 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2011.07.26 17:26:46 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2011.07.26 17:26:46 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2011.07.26 17:26:46 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2011.07.26 17:26:46 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2011.07.21 16:29:54 | 000,038,420 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2011.07.17 17:51:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\business-inkjet
[2011.07.17 17:51:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\Abstract
[2011.06.21 12:57:21 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2011.04.18 20:38:58 | 000,153,088 | ---- | C] () -- C:\windows\SysWow64\UNWISE.EXE
[2011.04.08 09:21:02 | 000,047,104 | ---- | C] () -- C:\windows\SysWow64\Wh2Robo.dll
[2011.04.07 15:18:29 | 000,012,952 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\Hodnoty oddělené tabulátory (Windows).CAL
[2011.04.01 18:54:22 | 000,165,376 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2011.04.01 18:54:22 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2011.04.01 18:54:14 | 000,810,496 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2011.04.01 18:54:14 | 000,183,808 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2011.04.01 18:54:14 | 000,080,896 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011.03.09 20:31:00 | 000,000,018 | ---- | C] () -- C:\windows\install.ini
[2011.03.09 20:30:56 | 000,024,576 | ---- | C] () -- C:\windows\rmdrv98.exe
[2011.03.09 20:30:56 | 000,024,576 | ---- | C] () -- C:\windows\rmdrv2k.exe
[2011.03.08 19:49:20 | 000,274,494 | ---- | C] () -- C:\windows\Fast AVI to GIF Converter Uninstaller.exe
[2011.02.07 20:49:34 | 000,000,000 | ---- | C] () -- C:\windows\ViewNX2.INI
[2011.02.07 19:59:59 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011.02.07 19:59:59 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011.02.07 19:59:59 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011.02.07 19:59:59 | 000,000,000 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\AccountTypes
[2011.01.08 21:58:26 | 000,007,597 | ---- | C] () -- C:\Users\Dopa\AppData\Local\Resmon.ResmonCfg
[2010.12.20 10:28:50 | 000,012,931 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\Microsoft Excel 97-2003.CAL
[2010.12.20 10:28:42 | 000,000,028 | ---- | C] () -- C:\windows\ODBC.INI
[2010.12.09 21:48:53 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.12.07 13:50:28 | 004,061,184 | ---- | C] () -- C:\windows\SysWow64\PhotoLooksRenderer.dll
[2010.12.06 15:58:56 | 002,496,715 | ---- | C] () -- C:\windows\SysWow64\abgx360.exe
[2010.12.03 22:45:19 | 000,034,308 | ---- | C] () -- C:\windows\SysWow64\BASSMOD.dll
[2010.11.29 19:34:05 | 000,038,420 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\Hodnoty oddělené tabulátory (Windows).ADR
[2010.11.29 19:31:35 | 000,037,015 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\Hodnoty oddělené čárkami (Windows).ADR
[2010.11.23 15:11:38 | 000,000,600 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\winscp.rnd
[2010.11.20 11:41:10 | 000,001,041 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\vso_ts_preview.xml
[2010.11.20 11:39:34 | 000,099,384 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\inst.exe
[2010.11.20 11:39:34 | 000,007,859 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\pcouffin.cat
[2010.11.20 11:39:34 | 000,001,167 | ---- | C] () -- C:\Users\Dopa\AppData\Roaming\pcouffin.inf
[2010.11.19 12:34:12 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2010.11.11 14:58:42 | 000,000,045 | -H-- | C] () -- C:\windows\dos04813.dat
[2010.11.11 14:49:37 | 000,000,056 | -H-- | C] () -- C:\windows\SysWow64\ezsidmv.dat
[2010.11.11 09:56:26 | 001,565,228 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010.11.08 16:27:36 | 000,000,600 | ---- | C] () -- C:\Users\Dopa\AppData\Local\PUTTY.RND
[2010.11.08 09:21:06 | 000,004,096 | -H-- | C] () -- C:\Users\Dopa\AppData\Local\keyfile3.drm
[2010.11.04 16:10:34 | 000,003,440 | ---- | C] () -- C:\windows\wcx_ftp.ini
[2010.10.04 07:18:14 | 000,000,080 | RHS- | C] () -- C:\windows\CT4CET.bin
[2010.10.03 23:54:23 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin

========== LOP Check ==========

[2012.04.16 13:23:04 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Acronis
[2011.04.21 23:24:47 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\avidemux
[2011.03.08 19:51:55 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Bitsoft
[2010.11.17 15:40:52 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Carnival Software
[2012.04.27 18:20:44 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Dropbox
[2011.03.24 17:46:23 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\FexMax
[2010.11.13 00:05:56 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\GBM Software
[2011.12.30 11:57:14 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\GHISLER
[2012.02.09 12:34:35 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\HD Tune Pro
[2012.04.27 08:58:25 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\ICQ
[2011.09.16 10:10:55 | 000,000,000 | -HSD | M] -- C:\Users\Dopa\AppData\Roaming\icsxml
[2011.12.30 11:57:14 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\IrfanView
[2010.12.12 10:43:03 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Jeyo
[2010.12.31 11:51:36 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Kerio
[2010.11.30 22:10:14 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\MaskMyIP
[2011.09.16 10:11:07 | 000,000,000 | -HSD | M] -- C:\Users\Dopa\AppData\Roaming\ms-drivers
[2011.07.01 23:16:31 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Navigator
[2011.02.07 20:16:04 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Nikon
[2012.04.10 19:24:21 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Nokia
[2011.09.14 13:30:20 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Nokia Ovi Suite
[2011.04.03 19:13:45 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\ObviousIdea
[2011.09.12 14:02:19 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\OfficeRecovery
[2011.09.22 16:17:39 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Outlook4Gmail
[2012.02.22 10:19:17 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\PC Suite
[2012.04.01 21:06:21 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\PearlMountain
[2010.12.10 11:44:45 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\PhotoFiltre
[2011.06.24 09:32:00 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Publish Providers
[2011.10.23 13:48:55 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Samsung
[2011.05.13 16:17:18 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Sony
[2011.09.26 18:18:56 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Stereoscopic Player
[2011.09.16 10:10:55 | 000,000,000 | -HSD | M] -- C:\Users\Dopa\AppData\Roaming\sysprep
[2011.12.30 11:57:14 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\TeamViewer
[2011.08.15 11:03:21 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\TeraCopy
[2011.06.21 12:57:20 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Thunderbird
[2011.09.14 11:29:01 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\uTorrent
[2012.03.31 16:52:11 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Vso
[2012.02.27 14:07:30 | 000,032,608 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20575_none_39c1885e54505643\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2010.10.04 09:33:25 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.10.04 09:34:00 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.10.04 09:33:25 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2010.10.04 09:33:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.10.04 09:34:00 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.10.04 09:33:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.10.04 09:34:00 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.10.04 09:33:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.10.04 09:34:00 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010.10.04 09:33:25 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.10.04 09:33:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010.10.04 09:33:25 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2010.02.23 19:25:14 | 000,024,576 | ---- | M] (Adiv) MD5=D93C1C608DE42D006544F328F87F736F -- C:\Public\ROOT\rrrrr\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\windows\SysNative\drivers\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.10.04 09:34:00 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.10.04 09:34:00 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[9 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[30 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[16 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.12.05 20:18:35 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\ABBYY
[2012.04.16 13:23:04 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Acronis
[2012.02.01 08:24:49 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Adobe
[2011.10.30 09:44:20 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Apple Computer
[2010.11.04 14:43:49 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\ATI
[2011.04.21 23:24:47 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\avidemux
[2011.03.08 19:51:55 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Bitsoft
[2010.11.17 15:40:52 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Carnival Software
[2010.11.04 19:11:53 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Creative
[2011.03.18 14:27:25 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Download Manager
[2012.04.27 18:20:44 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Dropbox
[2011.07.03 22:26:57 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\dvdcss
[2011.03.24 17:46:23 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\FexMax
[2010.11.13 00:05:56 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\GBM Software
[2011.12.30 11:57:14 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\GHISLER
[2012.04.23 22:02:23 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Google Chrome Backup
[2010.11.05 09:37:29 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Hamachi
[2012.02.09 12:34:35 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\HD Tune Pro
[2012.04.27 08:58:25 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\ICQ
[2011.09.16 10:10:55 | 000,000,000 | -HSD | M] -- C:\Users\Dopa\AppData\Roaming\icsxml
[2010.11.04 14:43:20 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Identities
[2010.11.25 22:56:34 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\InstallShield
[2011.12.30 11:57:14 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\IrfanView
[2010.12.12 10:43:03 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Jeyo
[2010.12.31 11:51:36 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Kerio
[2010.11.04 15:14:08 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Macromedia
[2010.11.24 22:11:58 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Malwarebytes
[2010.11.30 22:10:14 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\MaskMyIP
[2010.10.04 09:22:29 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Media Center Programs
[2012.03.31 16:52:11 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Media Player Classic
[2012.03.28 10:00:54 | 000,000,000 | --SD | M] -- C:\Users\Dopa\AppData\Roaming\Microsoft
[2012.04.16 13:31:46 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Mozilla
[2011.09.16 10:11:07 | 000,000,000 | -HSD | M] -- C:\Users\Dopa\AppData\Roaming\ms-drivers
[2011.07.01 23:16:31 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Navigator
[2011.02.07 20:16:04 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Nikon
[2012.04.10 19:24:21 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Nokia
[2011.09.14 13:30:20 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Nokia Ovi Suite
[2011.04.03 19:13:45 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\ObviousIdea
[2011.09.12 14:02:19 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\OfficeRecovery
[2011.09.22 16:17:39 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Outlook4Gmail
[2012.02.22 10:19:17 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\PC Suite
[2012.04.01 21:06:21 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\PearlMountain
[2010.12.10 11:44:45 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\PhotoFiltre
[2011.06.24 09:32:00 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Publish Providers
[2011.02.07 23:18:49 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Real
[2010.11.04 19:12:11 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Reallusion
[2011.10.23 13:48:55 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Samsung
[2012.04.27 23:50:24 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Skype
[2011.06.26 12:51:36 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\skypePM
[2011.05.13 16:17:18 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Sony
[2011.09.26 18:18:56 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Stereoscopic Player
[2011.09.16 10:10:55 | 000,000,000 | -HSD | M] -- C:\Users\Dopa\AppData\Roaming\sysprep
[2011.12.30 11:57:14 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\TeamViewer
[2011.08.15 11:03:21 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\TeraCopy
[2011.06.21 12:57:20 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Thunderbird
[2011.01.10 10:23:25 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\UltraVNC
[2011.09.14 11:29:01 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\uTorrent
[2012.03.04 19:34:51 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\vlc
[2012.04.25 21:48:33 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\VMware
[2012.03.31 16:52:11 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\Vso
[2010.11.06 08:29:59 | 000,000,000 | ---D | M] -- C:\Users\Dopa\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010.11.11 09:44:25 | 001,441,369 | ---- | M] (EFD Software ) -- C:\Users\Dopa\AppData\Roaming\hdtunepro_460_trial.exe
[2010.11.20 11:39:34 | 000,099,384 | ---- | M] () -- C:\Users\Dopa\AppData\Roaming\inst.exe
[2012.04.26 23:13:58 | 027,264,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\Dopa\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.04.12 08:46:46 | 000,872,040 | ---- | M] (Dropbox, Inc.) -- C:\Users\Dopa\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.04.26 23:14:30 | 000,177,240 | ---- | M] (Dropbox, Inc.) -- C:\Users\Dopa\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.04.10 19:25:22 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Dopa\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
[2012.04.10 19:25:23 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Dopa\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2012.04.10 19:25:23 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Dopa\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.04.10 19:25:23 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Dopa\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.04.10 19:25:23 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Dopa\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
[2011.11.08 12:11:44 | 000,929,168 | ---- | M] (Samsung) -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe
[2011.11.08 12:11:48 | 000,278,928 | ---- | M] () -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2011.10.31 04:24:38 | 000,292,864 | ---- | M] (Samsung) -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesLogger.exe
[2011.11.08 12:11:46 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2011.10.31 04:23:28 | 000,283,648 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe
[2011.10.31 04:23:28 | 000,690,688 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2011.10.31 04:23:28 | 000,110,080 | ---- | M] () -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\ErrorReport.exe
[2011.11.08 12:11:50 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2011.10.31 04:23:12 | 000,106,408 | ---- | M] () -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe
[2011.10.31 04:23:12 | 000,101,288 | ---- | M] () -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe
[2011.11.08 12:11:54 | 000,131,984 | ---- | M] () -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011.11.08 12:11:56 | 000,021,392 | ---- | M] () -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2011.11.08 12:11:56 | 003,571,576 | ---- | M] (Freeware) -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2011.10.31 04:22:30 | 024,114,392 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2011.11.08 12:11:58 | 000,392,080 | ---- | M] (ml) -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.04.04 07:05:32 | 000,371,088 | ---- | M] (ml) -- C:\Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.04.27 23:31:02 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2012.04.27 07:54:31 | 000,000,944 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.04.27 23:46:21 | 000,000,948 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.27 08:39:58 | 000,000,906 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3634160232-3727038034-2283995071-1001Core.job
[2012.04.27 23:17:18 | 000,000,958 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3634160232-3727038034-2283995071-1001UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.04.26 09:30:39 | 001,565,228 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"KiesHelper" = C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s -- [2012.04.04 07:05:14 | 000,954,256 | ---- | M] (Samsung)
"KiesPDLR" = C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2012.04.04 07:05:28 | 000,021,392 | ---- | M] ()
"GRemoteServer Pro" = C:\Program Files (x86)\GBM\GRemote Pro\GRemoteServer.exe -- [2011.08.16 21:44:30 | 002,818,528 | ---- | M] (GBM Software)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.02.29 08:55:08 | 017,148,552 | R--- | M] (Skype Technologies S.A.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.12.06 12:53:08 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=25532414A7A088553527A75B31DF0592 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.03.09 08:38:59 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.27 22:55:34 | 000,000,512 | ---- | M] () MD5=B091B00A77C78202A2592856CAF82400 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.09.21 22:46:07 | 000,000,363 | ---- | M] () -- \_SOFT\Acronis True Image 2010\Crack\crack.txt
[2010.04.20 06:43:24 | 000,045,828 | ---- | M] () -- \Public\Plocha\Downgrade\JAFSetup_1.98.47_for_crack.rar
[2010.04.20 06:41:00 | 025,848,504 | ---- | M] () -- \Public\Plocha\Downgrade\JAFSetup_1.98.47_for_crack_.rar
[2007.08.31 21:39:46 | 001,611,464 | ---- | M] () -- \Public\ROOT\_Zalohy\root E51\data\Installs\CoreCodec.CorePlayer.v1.1.1.S60v3.SymbianOS9.1.Cracked-BiNPDA.sis
[2006.10.20 17:28:18 | 001,005,532 | ---- | M] () -- \Public\ROOT\_Zalohy\root E51\data\Installs\Mapy\TomTom.Mobile.v6.01.S60v3.SymbianOS9.1.Cracked-BiNPDA.sis
[1997.02.20 22:06:58 | 000,000,066 | ---- | M] () -- \Public\ROOT\Flash_Malboro\Hry\ROADRASH\CRACK_IT.BAT
[2008.04.06 15:36:56 | 000,000,143 | ---- | M] () -- \Public\ROOT\Install\AAA Logo Software V1.22 Full\AAA Logo upgrade Setup\Bonus\Roulette Killer Cracked FREE DIRECT DOWNLOAD.url
[2008.04.06 15:36:56 | 000,000,143 | ---- | M] () -- \Public\ROOT\Install\AAA Logo Software V1.22 Full\AAA Logo upgrade Setup\Bonus\Roulette Sniper Cracked FREE DIRECT DOWNLOAD.url
[2008.04.06 15:36:56 | 000,000,143 | ---- | M] () -- \Public\ROOT\Install\AAA Logo Software V1.22 Full\AAA Logo upgrade Setup\Bonus\Roulette System Checker Cracked FREE DIRECT DOWNLOAD.url
[2008.04.06 15:36:56 | 000,000,143 | ---- | M] () -- \Public\ROOT\Install\AAA Logo Software V1.22 Full\Bonus\Roulette Killer Cracked FREE DIRECT DOWNLOAD.url
[2008.04.06 15:36:56 | 000,000,143 | ---- | M] () -- \Public\ROOT\Install\AAA Logo Software V1.22 Full\Bonus\Roulette Sniper Cracked FREE DIRECT DOWNLOAD.url
[2008.04.06 15:36:56 | 000,000,143 | ---- | M] () -- \Public\ROOT\Install\AAA Logo Software V1.22 Full\Bonus\Roulette System Checker Cracked FREE DIRECT DOWNLOAD.url
[2008.04.06 15:36:56 | 000,000,143 | ---- | M] () -- \Public\ROOT\Install\AAA Logo Software V1.22 Full\Registration Help\Bonus\Roulette Killer Cracked FREE DIRECT DOWNLOAD.url
[2008.04.06 15:36:56 | 000,000,143 | ---- | M] () -- \Public\ROOT\Install\AAA Logo Software V1.22 Full\Registration Help\Bonus\Roulette Sniper Cracked FREE DIRECT DOWNLOAD.url
[2008.04.06 15:36:56 | 000,000,143 | ---- | M] () -- \Public\ROOT\Install\AAA Logo Software V1.22 Full\Registration Help\Bonus\Roulette System Checker Cracked FREE DIRECT DOWNLOAD.url
[2007.02.12 20:00:24 | 000,000,078 | ---- | M] () -- \Public\ROOT\Install\Pandoras Box\Crack\crack.txt
[2012.02.22 09:42:05 | 104,153,328 | ---- | M] () -- \Users\Dopa\Downloads\Phoenix_Service_Software_2011.14.004.45945_Cracked.exe
[2012.04.10 17:41:43 | 112,904,701 | ---- | M] () -- \Users\Dopa\Downloads\Phoenix_Service_Software_2012.04.003.47798_Cracked (1).rar
[2011.12.30 11:03:59 | 005,623,417 | ---- | M] () -- \Users\Dopa\Downloads\SysInfoTools.Ms.Excel.xlsx.Recovery.v1.0.Cracked-DJiNN.rar
[2011.12.30 11:08:18 | 000,015,801 | ---- | M] () -- \Users\Dopa\Downloads\sysinfotools_ms_excel_xlsx_recovery_v1.0_cracked.txt
[2011.06.30 16:59:57 | 000,458,920 | ---- | M] () -- \Users\Dopa\Downloads\teamviewer-6-0-9947-pro-cracked.zip
[2011.03.16 11:01:15 | 000,000,353 | ---- | M] () -- \Users\Dopa\Downloads\SysTools.Software.OST.Recovery.v3.1.0.0-Lz0\crack.zip
[2011.03.16 11:01:15 | 000,000,353 | ---- | M] () -- \Users\Dopa\Downloads\SysTools.Software.OST.Recovery.v3.1.0.0-Lz0\aaa\SysTools.Software.OST.Recovery.v3.1.0.0-Lz0\crack.zip

< *keygen* /s >
[2011.02.08 04:03:54 | 000,040,960 | ---- | M] () -- \Install\BIND\dnssec-keygen.exe
[2010.08.17 01:08:22 | 000,020,404 | ---- | M] () -- \Install\BIND\dnssec-keygen.html
[2011.02.04 03:10:42 | 000,021,804 | ---- | M] () -- \Install\BIND\man.dnssec-keygen.html
[2011.02.08 04:01:56 | 000,009,728 | ---- | M] () -- \Install\BIND\pkcs11-keygen.exe
[2009.10.06 05:40:14 | 000,005,036 | ---- | M] () -- \Install\BIND\pkcs11-keygen.html
[2008.11.21 12:09:15 | 000,086,016 | ---- | M] () -- \Public\Dokumenty\_WEBY\Web_Rrofin\v8\Crack\Keygen.exe
[2000.10.12 21:20:52 | 000,179,712 | ---- | M] () -- \Public\Dokumenty\Spořič FISCH\KEYGEN.EXE
[2006.12.23 05:34:42 | 000,059,392 | ---- | M] () -- \Public\ROOT\Install\Advanced.Windows.Care.Pro.v2.3.0.758_incl.Keygen\Keygen.exe
[6 \Users\Dopa\AppData\Local\Microsoft\Windows\WER\ReportArchive\*.tmp files -> \Users\Dopa\AppData\Local\Microsoft\Windows\WER\ReportArchive\*.tmp -> ]
[2011.02.17 22:33:44 | 000,030,720 | ---- | M] () -- \Users\Dopa\Downloads\__\2\keygen.exe

< *loader* /s >
[2012.02.28 19:24:43 | 000,001,652 | ---- | M] () -- \_ANDROID\platforms\android-10\data\android\app\ApplicationLoaders.class
[2012.02.28 19:24:11 | 000,003,098 | ---- | M] () -- \_ANDROID\platforms\android-10\data\android\app\LoadedApk$WarningContextClassLoader.class
[2012.02.28 19:24:12 | 000,005,226 | ---- | M] () -- \_ANDROID\platforms\android-10\data\com\android\internal\telephony\AdnRecordLoader.class
[2012.02.28 19:25:04 | 000,007,157 | ---- | M] () -- \_ANDROID\platforms\android-10\data\com\android\internal\telephony\gsm\stk\IconLoader.class
[2012.02.28 19:24:51 | 000,000,239 | ---- | M] () -- \_ANDROID\platforms\android-10\data\com\android\layoutlib\bridge\FontLoader$1.class
[2012.02.28 19:24:31 | 000,004,235 | ---- | M] () -- \_ANDROID\platforms\android-10\data\com\android\layoutlib\bridge\FontLoader$FontDefinitionParser.class
[2012.02.28 19:24:10 | 000,000,605 | ---- | M] () -- \_ANDROID\platforms\android-10\data\com\android\layoutlib\bridge\FontLoader$FontInfo.class
[2012.02.28 19:24:55 | 000,006,665 | ---- | M] () -- \_ANDROID\platforms\android-10\data\com\android\layoutlib\bridge\FontLoader.class
[2012.02.28 19:24:07 | 000,001,211 | ---- | M] () -- \_ANDROID\platforms\android-10\data\dalvik\system\PathClassLoader$EnumerateListArray.class
[2012.02.28 19:24:45 | 000,008,114 | ---- | M] () -- \_ANDROID\platforms\android-10\data\dalvik\system\PathClassLoader.class
[2012.02.28 19:24:24 | 000,000,677 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw\loaderror.html
[2012.02.28 19:24:14 | 000,000,643 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-ar\loaderror.html
[2012.02.28 19:24:28 | 000,000,682 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-cs\loaderror.html
[2012.02.28 19:24:09 | 000,000,612 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-da\loaderror.html
[2012.02.28 19:24:12 | 000,000,605 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-de\loaderror.html
[2012.02.28 19:24:31 | 000,000,579 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-en-rGB\loaderror.html
[2012.02.28 19:24:59 | 000,000,607 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-es\loaderror.html
[2012.02.28 19:24:15 | 000,000,633 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-fi\loaderror.html
[2012.02.28 19:24:45 | 000,000,613 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-fr\loaderror.html
[2012.02.28 19:24:08 | 000,000,628 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-hu\loaderror.html
[2012.02.28 19:24:28 | 000,000,622 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-it\loaderror.html
[2012.02.28 19:24:27 | 000,000,638 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-iw\loaderror.html
[2012.02.28 19:24:52 | 000,000,656 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-ja\loaderror.html
[2012.02.28 19:24:07 | 000,000,648 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-ko\loaderror.html
[2012.02.28 19:24:42 | 000,000,592 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-nl\loaderror.html
[2012.02.28 19:24:49 | 000,000,628 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-pl\loaderror.html
[2012.02.28 19:25:06 | 000,000,676 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-pt-rBR\loaderror.html
[2012.02.28 19:24:40 | 000,000,705 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-ru\loaderror.html
[2012.02.28 19:24:15 | 000,000,678 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-th\loaderror.html
[2012.02.28 19:24:12 | 000,000,570 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-tr\loaderror.html
[2012.02.28 19:24:04 | 000,000,556 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-zh-rCN\loaderror.html
[2012.02.28 19:25:03 | 000,000,635 | ---- | M] () -- \_ANDROID\platforms\android-10\data\res\raw-zh-rTW\loaderror.html
[2006.11.01 11:23:34 | 003,743,744 | ---- | M] () -- \_ZALOHY\_Zal6500c\MP3\Toploader-DancingInT.mp3
[2012.02.28 20:38:51 | 000,001,824 | ---- | M] () -- \eclipse\configuration\org.eclipse.osgi\bundles\95\1\.cp\org\eclipse\epp\usagedata\internal\ui\uploaders\AskUserUploader$1.class
[2012.02.28 20:38:52 | 000,001,361 | ---- | M] () -- \eclipse\configuration\org.eclipse.osgi\bundles\95\1\.cp\org\eclipse\epp\usagedata\internal\ui\uploaders\AskUserUploader$2.class
[2012.02.28 20:38:52 | 000,005,630 | ---- | M] () -- \eclipse\configuration\org.eclipse.osgi\bundles\95\1\.cp\org\eclipse\epp\usagedata\internal\ui\uploaders\AskUserUploader.class
[2012.02.28 20:38:52 | 000,002,360 | ---- | M] () -- \eclipse\configuration\org.eclipse.osgi\bundles\95\1\.cp\org\eclipse\epp\usagedata\internal\ui\wizards\AskUserUploaderWizard.class
[2008.03.18 08:31:00 | 000,009,216 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\AutoCAD\OD\AecDummyLoader_2.05_8.dll
[2008.08.28 20:34:20 | 004,965,736 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008.08.28 17:42:12 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008.08.28 17:42:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008.08.28 17:42:16 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2008.08.14 08:23:12 | 000,009,969 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2003.11.01 15:57:46 | 000,052,021 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\Flash\loader_TIKUEDGE_INTEL_1.adl
[2003.11.01 15:57:46 | 000,052,021 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\Flash\loader_TIKUEDGE_SAMSUNG_1.adl
[2003.11.01 15:57:46 | 000,051,783 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\Flash\loader_TIKU_INTEL_2.adl
[2003.11.01 15:57:46 | 000,051,783 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\Flash\loader_TIKU_SAMSUNG_2.adl
[2012.02.03 04:32:08 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2012.01.04 23:46:12 | 000,109,056 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloaderfor64.dll
[2012.01.04 23:46:12 | 000,109,056 | ---- | M] () -- \Program Files (x86)\COMPlus Applications\{DEFC3396-9B90-4B52-AA2A-3945C05F5995}\ta_productapiloaderfor64.dll
[2008.12.02 18:02:08 | 000,081,920 | ---- | M] () -- \Program Files (x86)\Dell Webcam\Dell Webcam Central\uploader.crl
[2008.12.02 18:10:04 | 000,405,504 | ---- | M] () -- \Program Files (x86)\Dell Webcam\Dell Webcam Central\UtubeUploader.dll
[2007.08.26 00:23:02 | 000,073,728 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\HttpVideoDownloader.dll
[2011.10.13 08:54:27 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.10.13 08:54:28 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.10.13 08:54:27 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.10.13 08:54:58 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010.02.15 13:13:16 | 000,003,072 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2008.02.11 06:42:22 | 000,106,496 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\cmn_fileloaderfn.dll
[2006.03.08 13:37:06 | 000,010,832 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\FlashHip\dsp_sec_bootloader.bin
[2007.05.10 17:15:08 | 000,010,260 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\FlashHip\dsp_sec_bootloader_c55xx.bin
[2006.04.03 16:46:12 | 000,011,170 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\FlashHip\dsp_sec_bootloader_no_ext_sram.bin
[2004.06.01 10:49:00 | 000,011,436 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\tp\perl\lib\AutoLoader.pm
[2004.06.01 10:53:08 | 000,028,959 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\tp\perl\lib\DynaLoader.pm
[2004.06.01 10:53:08 | 000,008,852 | ---- | M] () -- \Program Files (x86)\Nokia\Phoenix\tp\perl\lib\XSLoader.pm
[2008.07.23 23:29:12 | 000,052,021 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKUEDGE_INTEL_1.adl
[2008.07.23 23:29:12 | 000,052,021 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKUEDGE_SAMSUNG_1.adl
[2008.07.23 23:29:12 | 000,051,783 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKU_INTEL_2.adl
[2008.07.23 23:29:12 | 000,051,783 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKU_SAMSUNG_2.adl
[2012.03.30 12:24:00 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012.04.04 07:05:26 | 000,183,696 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011.11.19 13:10:13 | 000,176,040 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GT-I9100\BinaryLoaderMgr.exe
[2011.11.19 13:10:13 | 000,277,928 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GT-I9100\FirmwareUpdate.Downloader.dll
[2003.09.26 09:15:26 | 000,169,384 | ---- | M] () -- \Program Files (x86)\Valve\cstrike\models\qloader.mdl
[2003.09.26 15:19:52 | 000,352,548 | ---- | M] () -- \Program Files (x86)\Valve\valve\models\loader.mdl
[2003.09.26 15:24:16 | 000,012,764 | ---- | M] () -- \Program Files (x86)\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 15:24:16 | 000,012,164 | ---- | M] () -- \Program Files (x86)\Valve\valve\sound\ambience\loader_step1.wav
[2011.07.22 16:30:02 | 000,007,664 | ---- | M] () -- \Program Files\Java\jdk1.6.0_26\demo\jvmti\hprof\src\hprof_loader.c
[2011.07.22 16:30:02 | 000,002,141 | ---- | M] () -- \Program Files\Java\jdk1.6.0_26\demo\jvmti\hprof\src\hprof_loader.h
[2011.07.22 16:29:33 | 000,002,941 | ---- | M] () -- \Program Files\Java\jdk1.6.0_26\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2011.07.22 16:29:33 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.6.0_26\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2011.07.22 16:29:35 | 001,138,236 | ---- | M] () -- \Program Files\Java\jdk1.6.0_26\lib\visualvm\platform\modules\org-openide-loaders.jar
[2011.07.22 16:29:34 | 000,007,002 | ---- | M] () -- \Program Files\Java\jdk1.6.0_26\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2011.07.22 16:29:34 | 000,006,658 | ---- | M] () -- \Program Files\Java\jdk1.6.0_26\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2011.07.22 16:29:35 | 000,000,456 | ---- | M] () -- \Program Files\Java\jdk1.6.0_26\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2011.11.29 22:28:08 | 000,003,614 | ---- | M] () -- \Program Files\RawTherapeeV40\etc\gtk-2.0\gdk-pixbuf.loaders
[2010.03.15 12:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2000.08.16 00:18:30 | 000,000,016 | ---- | M] () -- \Public\Plocha\_RUZNE\Hry\Donald Duck\Loader.ini
[2010.02.04 16:11:21 | 000,001,844 | ---- | M] () -- \Public\Plocha\OSTATNI\Nokia Map Loader.lnk
[2001.10.12 15:46:50 | 000,003,787 | ---- | M] () -- \Public\ROOT\_Zalohy\WinXP.MUI.Pack\cs.mui\i386\osloader.exe.mu_
[2010.07.20 13:00:00 | 000,058,854 | ---- | M] () -- \TEMP\Skins\Default\images\Main window - Windows XP emergency bootloader - Loader logo.bmp
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.02.28 20:06:42 | 000,001,652 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\android\app\ApplicationLoaders.class
[2012.02.28 20:06:15 | 000,003,098 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\android\app\LoadedApk$WarningContextClassLoader.class
[2012.02.28 20:06:17 | 000,005,226 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\com\android\internal\telephony\AdnRecordLoader.class
[2012.02.28 20:07:09 | 000,007,157 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\com\android\internal\telephony\gsm\stk\IconLoader.class
[2012.02.28 20:06:48 | 000,000,239 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\com\android\layoutlib\bridge\FontLoader$1.class
[2012.02.28 20:06:32 | 000,004,235 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\com\android\layoutlib\bridge\FontLoader$FontDefinitionParser.class
[2012.02.28 20:06:14 | 000,000,605 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\com\android\layoutlib\bridge\FontLoader$FontInfo.class
[2012.02.28 20:06:52 | 000,006,665 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\com\android\layoutlib\bridge\FontLoader.class
[2012.02.28 20:06:11 | 000,001,211 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\dalvik\system\PathClassLoader$EnumerateListArray.class
[2012.02.28 20:06:42 | 000,008,114 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\dalvik\system\PathClassLoader.class
[2012.02.28 20:06:25 | 000,000,677 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw\loaderror.html
[2012.02.28 20:06:18 | 000,000,643 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-ar\loaderror.html
[2012.02.28 20:06:31 | 000,000,682 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-cs\loaderror.html
[2012.02.28 20:06:14 | 000,000,612 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-da\loaderror.html
[2012.02.28 20:06:17 | 000,000,605 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-de\loaderror.html
[2012.02.28 20:06:33 | 000,000,579 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-en-rGB\loaderror.html
[2012.02.28 20:06:57 | 000,000,607 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-es\loaderror.html
[2012.02.28 20:06:18 | 000,000,633 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-fi\loaderror.html
[2012.02.28 20:06:42 | 000,000,613 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-fr\loaderror.html
[2012.02.28 20:06:12 | 000,000,628 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-hu\loaderror.html
[2012.02.28 20:06:29 | 000,000,622 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-it\loaderror.html
[2012.02.28 20:06:28 | 000,000,638 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-iw\loaderror.html
[2012.02.28 20:06:50 | 000,000,656 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-ja\loaderror.html
[2012.02.28 20:06:11 | 000,000,648 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-ko\loaderror.html
[2012.02.28 20:06:41 | 000,000,592 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-nl\loaderror.html
[2012.02.28 20:06:44 | 000,000,628 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-pl\loaderror.html
[2012.02.28 20:07:15 | 000,000,676 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-pt-rBR\loaderror.html
[2012.02.28 20:06:40 | 000,000,705 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-ru\loaderror.html
[2012.02.28 20:06:19 | 000,000,678 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-th\loaderror.html
[2012.02.28 20:06:17 | 000,000,570 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-tr\loaderror.html
[2012.02.28 20:06:10 | 000,000,556 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-zh-rCN\loaderror.html
[2012.02.28 20:07:03 | 000,000,635 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-10\data\res\raw-zh-rTW\loaderror.html
[2012.02.28 16:27:40 | 000,000,679 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw\loaderror.html
[2012.02.28 16:26:33 | 000,000,659 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-ar\loaderror.html
[2012.02.28 16:26:52 | 000,000,682 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-cs\loaderror.html
[2012.02.28 16:27:41 | 000,000,612 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-da\loaderror.html
[2012.02.28 16:27:30 | 000,000,605 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-de\loaderror.html
[2012.02.28 16:27:16 | 000,000,579 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-en-rGB\loaderror.html
[2012.02.28 16:27:23 | 000,000,607 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-es\loaderror.html
[2012.02.28 16:26:57 | 000,000,633 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-fi\loaderror.html
[2012.02.28 16:27:18 | 000,000,613 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-fr\loaderror.html
[2012.02.28 16:26:38 | 000,000,628 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-hu\loaderror.html
[2012.02.28 16:26:50 | 000,000,622 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-it\loaderror.html
[2012.02.28 16:27:02 | 000,000,654 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-iw\loaderror.html
[2012.02.28 16:26:57 | 000,000,656 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-ja\loaderror.html
[2012.02.28 16:26:42 | 000,000,648 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-ko\loaderror.html
[2012.02.28 16:26:38 | 000,000,592 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-nl\loaderror.html
[2012.02.28 16:27:12 | 000,000,628 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-pl\loaderror.html
[2012.02.28 16:27:20 | 000,000,676 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-pt-rBR\loaderror.html
[2012.02.28 16:27:30 | 000,000,617 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-rm\loaderror.html
[2012.02.28 16:26:59 | 000,000,705 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-ru\loaderror.html
[2012.02.28 16:27:40 | 000,000,678 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-th\loaderror.html
[2012.02.28 16:27:18 | 000,000,570 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-tr\loaderror.html
[2012.02.28 16:26:44 | 000,000,556 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-zh-rCN\loaderror.html
[2012.02.28 16:27:46 | 000,000,635 | ---- | M] () -- \Users\Dopa\android-sdks\platforms\android-15\data\res\raw-zh-rTW\loaderror.html
[2011.10.23 12:32:51 | 000,000,872 | ---- | M] () -- \Users\Dopa\AppData\Local\SRDownloader.nast
[2012.04.20 11:50:22 | 000,000,652 | ---- | M] () -- \Users\Dopa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8KM656SN\AdLoader[1].htm
[2012.04.19 11:50:34 | 000,010,364 | ---- | M] () -- \Users\Dopa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FONVTQ6Q\AdLoader-31f86c1d55aec17be3f2a203a8e4fb19.min[1].js
[2012.04.20 11:50:22 | 000,010,364 | ---- | M] () -- \Users\Dopa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XIPG54C9\AdLoader-31f86c1d55aec17be3f2a203a8e4fb19.min[1].js
[2012.04.23 21:53:21 | 000,000,905 | ---- | M] () -- \Users\Dopa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XIPG54C9\TooltipLoader[1].css
[2012.04.23 21:53:21 | 000,014,290 | ---- | M] () -- \Users\Dopa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XIPG54C9\TooltipLoader[1].js
[2011.11.07 08:29:56 | 000,069,120 | ---- | M] () -- \Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2011.11.08 12:11:54 | 000,131,984 | ---- | M] () -- \Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.04.20 08:24:44 | 000,028,638 | ---- | M] () -- \Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\CabFile\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll.cab
[2012.04.20 08:24:36 | 000,076,981 | ---- | M] () -- \Users\Dopa\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\CabFile\External\FirmwareUpdate\BinaryLoaderMgr.exe.cab
[2011.10.30 10:02:09 | 000,792,704 | ---- | M] () -- \Users\Dopa\Downloads\amddriverdownloader.exe
[2012.04.09 19:11:27 | 000,904,192 | ---- | M] () -- \Users\Dopa\Downloads\SRDownloader.exe
[2010.11.04 14:59:34 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.04.21 21:12:59 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.21 21:12:59 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.21 21:12:59 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.21 21:13:00 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.21 21:13:00 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >

Re: Prosím o kontrolu logu.

Napsal: 29 dub 2012 10:22
od vyosek
:arrow: Bodejt ty to nebylo zaliskane kdyz si to krmite craky\keygeny a podobynimi "dobrotami"

:arrow: Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam :arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://b2b.fast.eu:666/scripts/wgate/z ... anguage=CS
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {264F2642-161B-4614-A1FF-3B844464FCF6}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{264F2642-161B-4614-A1FF-3B844464FCF6}: "URL" = http://search.centrum.cz/index.php?q={searchTerms}&toolbar=centrum-1.0.0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:80
FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q="
FF - prefs.js..network.proxy.backup.ftp: "193.68.154.193"
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.gopher: "193.68.154.193"
FF - prefs.js..network.proxy.backup.gopher_port: 80
FF - prefs.js..network.proxy.backup.socks: "193.68.154.193"
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "193.68.154.193"
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp: "91.200.132.1"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "91.200.132.1"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "91.200.132.1"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "91.200.132.1"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "91.200.132.1"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="
() (No name found) -- C:\USERS\DOPA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D80JHZFO.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: ica.cz ( https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{1b9a4934-eeb4-11df-bdcf-88252c042c0c}\Shell - "" = AutoRun
[9 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[30 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[16 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]
[2012.04.27 23:31:02 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2012.04.27 07:54:31 | 000,000,944 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.04.27 23:46:21 | 000,000,948 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.27 08:39:58 | 000,000,906 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3634160232-3727038034-2283995071-1001Core.job
[2012.04.27 23:17:18 | 000,000,958 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3634160232-3727038034-2283995071-1001UA.job
O18:64bit: - Protocol\Handler\x-excid - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

:services
gupdate
gupdatem

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kerio VPN Client]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LINKMAGIC.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outlook Plugin.lnk]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"LogMeIn Hamachi Ui"=-
"NSU_agent"=-
"Adobe Reader Speed Launcher"=-

:files
c:\_SOFT\Acronis True Image 2010\Crack
C:\Public\Plocha\Downgrade\JAFSetup_1.98.47_for_crack_.rar
c:\Users\Dopa\Downloads\teamviewer-6-0-9947-pro-cracked.zip
c:\Install\BIND\dnssec-keygen.exe
c:\Install\BIND\dnssec-keygen.html
c:\Install\BIND\man.dnssec-keygen.html
c:\Install\BIND\pkcs11-keygen.exe
c:\Install\BIND\pkcs11-keygen.html
c:\Public\Dokumenty\_WEBY\Web_Rrofin\v8\Crack
c:\Public\Dokumenty\Spořič FISCH\KEYGEN.EXE
c:\Public\ROOT\Install\Advanced.Windows.Care.Pro.v2.3.0.758_incl.Keygen
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Prosím o kontrolu logu.

Napsal: 30 dub 2012 11:23
od dopa
počítač používá více osob. Jsem si vědom, že tam bude "bordelu"
OTL mi běží už cca 6 hodin a jaksi nereaguje.

Re: Prosím o kontrolu logu.

Napsal: 30 dub 2012 15:53
od dopa
Tak nevím.. furt je to na stejném bodě.. to už je nějakých 12 hodin...

stojí to na:

Processing FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search" ...

a počítač je nepoužitelný...

Re: Prosím o kontrolu logu.

Napsal: 30 dub 2012 16:58
od vyosek
Restart do nouzoveho rezimu a tam pouzit tento skript - klik na Opravit

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://b2b.fast.eu:666/scripts/wgate/z ... anguage=CS
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {264F2642-161B-4614-A1FF-3B844464FCF6}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:80
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..network.proxy.backup.ftp: "193.68.154.193"
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.gopher: "193.68.154.193"
FF - prefs.js..network.proxy.backup.gopher_port: 80
FF - prefs.js..network.proxy.backup.socks: "193.68.154.193"
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "193.68.154.193"
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp: "91.200.132.1"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "91.200.132.1"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "91.200.132.1"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "91.200.132.1"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "91.200.132.1"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="
() (No name found) -- C:\USERS\DOPA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D80JHZFO.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: ica.cz ( https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{1b9a4934-eeb4-11df-bdcf-88252c042c0c}\Shell - "" = AutoRun
[9 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[30 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[16 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]
[2012.04.27 23:31:02 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2012.04.27 07:54:31 | 000,000,944 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.04.27 23:46:21 | 000,000,948 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.27 08:39:58 | 000,000,906 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3634160232-3727038034-2283995071-1001Core.job
[2012.04.27 23:17:18 | 000,000,958 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3634160232-3727038034-2283995071-1001UA.job
O18:64bit: - Protocol\Handler\x-excid - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

:services
gupdate
gupdatem

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kerio VPN Client]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LINKMAGIC.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outlook Plugin.lnk]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"LogMeIn Hamachi Ui"=-
"NSU_agent"=-
"Adobe Reader Speed Launcher"=-

:files
c:\_SOFT\Acronis True Image 2010\Crack
C:\Public\Plocha\Downgrade\JAFSetup_1.98.47_for_crack_.rar
c:\Users\Dopa\Downloads\teamviewer-6-0-9947-pro-cracked.zip
c:\Install\BIND\dnssec-keygen.exe
c:\Install\BIND\dnssec-keygen.html
c:\Install\BIND\man.dnssec-keygen.html
c:\Install\BIND\pkcs11-keygen.exe
c:\Install\BIND\pkcs11-keygen.html
c:\Public\Dokumenty\_WEBY\Web_Rrofin\v8\Crack
c:\Public\Dokumenty\Spořič FISCH\KEYGEN.EXE
c:\Public\ROOT\Install\Advanced.Windows.Care.Pro.v2.3.0.758_incl.Keygen
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Re: Prosím o kontrolu logu.

Napsal: 01 kvě 2012 16:48
od dopa
tak tohle asi taky neprojde.. bezi to od 9ti od rana a OTL nereaguje. necham to jeste pres noc

Re: Prosím o kontrolu logu.

Napsal: 01 kvě 2012 17:42
od dopa
tak to záhadně doběhlo... zde je log:


All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "Yahoo" removed from browser.search.order.1
Prefs.js: "megaup" removed from browser.search.param.yahoo-fr
Prefs.js: "megaup" removed from browser.search.param.yahoo-fr-cjkt
Prefs.js: "193.68.154.193" removed from network.proxy.backup.ftp
Prefs.js: 80 removed from network.proxy.backup.ftp_port
Prefs.js: "193.68.154.193" removed from network.proxy.backup.gopher
Prefs.js: 80 removed from network.proxy.backup.gopher_port
Prefs.js: "193.68.154.193" removed from network.proxy.backup.socks
Prefs.js: 80 removed from network.proxy.backup.socks_port
Prefs.js: "193.68.154.193" removed from network.proxy.backup.ssl
Prefs.js: 80 removed from network.proxy.backup.ssl_port
Prefs.js: "91.200.132.1" removed from network.proxy.ftp
Prefs.js: 8080 removed from network.proxy.ftp_port
Prefs.js: "91.200.132.1" removed from network.proxy.gopher
Prefs.js: 8080 removed from network.proxy.gopher_port
Prefs.js: "91.200.132.1" removed from network.proxy.http
Prefs.js: 8080 removed from network.proxy.http_port
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: "91.200.132.1" removed from network.proxy.socks
Prefs.js: 8080 removed from network.proxy.socks_port
Prefs.js: "91.200.132.1" removed from network.proxy.ssl
Prefs.js: 8080 removed from network.proxy.ssl_port
Prefs.js: 0 removed from network.proxy.type
Prefs.js: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p=" removed from sweetim.toolbar.previous.keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ica.cz\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b9a4934-eeb4-11df-bdcf-88252c042c0c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1b9a4934-eeb4-11df-bdcf-88252c042c0c}\ not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP234.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A1E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP62F7.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP670C.tmp\System.ServiceModel.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP670C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8777.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPADC0.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBD26.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC7B1.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1BA9.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1D71.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2E7F.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP46C1.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP480E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP49CE.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4CF7.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5236.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP603C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8831.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9175.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP959D.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA99C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB119.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB5F5.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBD1C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC2BC.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC5B7.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDB16.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDDB0.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE3BB.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC48.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC5.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPED9A.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF056.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF4AC.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF517.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFA59.tmp folder deleted successfully.
C:\windows\Installer\MSI2E07.tmp deleted successfully.
C:\windows\Installer\MSI4836.tmp deleted successfully.
C:\windows\Installer\MSI7F81.tmp deleted successfully.
C:\windows\Temp\RGI133C.tmp deleted successfully.
C:\windows\Temp\RGI133C.tmp-tmp deleted successfully.
C:\windows\Temp\RGI272A.tmp deleted successfully.
C:\windows\Temp\RGI272A.tmp-tmp deleted successfully.
C:\windows\Temp\RGI38CF.tmp deleted successfully.
C:\windows\Temp\RGI38CF.tmp-tmp deleted successfully.
C:\windows\Temp\RGI422C.tmp deleted successfully.
C:\windows\Temp\RGI422C.tmp-tmp deleted successfully.
C:\windows\Temp\RGI4463.tmp deleted successfully.
C:\windows\Temp\RGI4463.tmp-tmp deleted successfully.
C:\windows\Temp\RGI56C8.tmp deleted successfully.
C:\windows\Temp\RGI56C8.tmp-tmp deleted successfully.
C:\windows\Temp\RGI76BA.tmp deleted successfully.
C:\windows\Temp\RGI76BA.tmp-tmp deleted successfully.
C:\windows\Temp\RGI8E97.tmp deleted successfully.
C:\windows\Temp\RGI8E97.tmp-tmp deleted successfully.
C:\windows\Temp\RGIA4E8.tmp deleted successfully.
C:\windows\Temp\RGIA4E8.tmp-tmp deleted successfully.
C:\windows\Temp\RGIA6BB.tmp deleted successfully.
C:\windows\Temp\RGIA6BB.tmp-tmp deleted successfully.
C:\windows\Temp\RGICC14.tmp deleted successfully.
C:\windows\Temp\RGICC14.tmp-tmp deleted successfully.
C:\windows\Temp\RGID1E1.tmp deleted successfully.
C:\windows\Temp\RGID1E1.tmp-tmp deleted successfully.
C:\windows\Temp\RGIDA40.tmp deleted successfully.
C:\windows\Temp\RGIDA40.tmp-tmp deleted successfully.
C:\windows\Temp\RGIDAC9.tmp deleted successfully.
C:\windows\Temp\RGIDAC9.tmp-tmp deleted successfully.
C:\windows\Temp\RGIE445.tmp deleted successfully.
C:\windows\Temp\RGIE445.tmp-tmp deleted successfully.
C:\windows\Temp\RGIFB47.tmp deleted successfully.
C:\windows\Temp\RGIFB47.tmp-tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3634160232-3727038034-2283995071-1001Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3634160232-3727038034-2283995071-1001UA.job moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\x-excid\ deleted successfully.
File Protocol\Handler\x-excid - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kerio VPN Client\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LINKMAGIC.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outlook Plugin.lnk\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NSU_agent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
========== FILES ==========
c:\_SOFT\Acronis True Image 2010\Crack folder moved successfully.
C:\Public\Plocha\Downgrade\JAFSetup_1.98.47_for_crack_.rar moved successfully.
c:\Users\Dopa\Downloads\teamviewer-6-0-9947-pro-cracked.zip moved successfully.
c:\Install\BIND\dnssec-keygen.exe moved successfully.
c:\Install\BIND\dnssec-keygen.html moved successfully.
c:\Install\BIND\man.dnssec-keygen.html moved successfully.
c:\Install\BIND\pkcs11-keygen.exe moved successfully.
c:\Install\BIND\pkcs11-keygen.html moved successfully.
c:\Public\Dokumenty\_WEBY\Web_Rrofin\v8\Crack folder moved successfully.
c:\Public\Dokumenty\Spořič FISCH\KEYGEN.EXE moved successfully.
c:\Public\ROOT\Install\Advanced.Windows.Care.Pro.v2.3.0.758_incl.Keygen folder moved successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Dopa
->Temp folder emptied: 73147982 bytes
->Temporary Internet Files folder emptied: 59993244 bytes
->Java cache emptied: 957128 bytes
->FireFox cache emptied: 61176236 bytes
->Google Chrome cache emptied: 25130262 bytes
->Flash cache emptied: 8884 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 3053568 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 497258522 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36035620 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 751 bytes
RecycleBin emptied: 501787579 bytes

Total Files Cleaned = 1 200,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Dopa
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.42.1 log created on 05012012_104126

Files\Folders moved on Reboot...
C:\Users\Dopa\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Re: Prosím o kontrolu logu.

Napsal: 02 kvě 2012 15:06
od vyosek
Jeste jeden log pro OTL, postup stejny

Kód: Vybrat vše

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kerio VPN Client] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LINKMAGIC.lnk] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outlook Plugin.lnk] /64

:commands
[REBOOT]

Re: Prosím o kontrolu logu.

Napsal: 02 kvě 2012 16:06
od dopa
OTL proběhlo.. restart také, ale LOG se nezobrazil, kde jej najdu?

Re: Prosím o kontrolu logu.

Napsal: 03 kvě 2012 09:25
od vyosek
Dejte mi novy log z RSIT

Re: Prosím o kontrolu logu.

Napsal: 03 kvě 2012 09:52
od dopa
Logfile of random's system information tool 1.09 (written by random/random)
Run by Dopa at 2012-05-03 10:51:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 11 GB (4%) free of 290 GB
Total RAM: 3838 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:52:10, on 3.5.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Users\Dopa\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Users\Dopa\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\rundll32.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dopa\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\trend micro\Dopa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [GRemoteServer Pro] C:\Program Files (x86)\GBM\GRemote Pro\GRemoteServer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Dopa\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {41C376E4-3319-47B7-BF3C-9598CC2CD107} (PTCamV Control) - http://192.168.0.99/classes/PTCamV.cab
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CDMA Device Service - Unknown owner - C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\windows\SYSTEM32\crypserv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\winvnc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14421 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe"
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe"
crypserv.exe
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files\UltraVNC\winvnc.exe" -service
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"taskhost.exe"
taskeng.exe {A731AD44-E69C-4890-8D4F-18283FFE9EE7}
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Users\Dopa\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe"
C:\windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\windows\system32\wuauclt.exe"
"C:\totalcmd\TOTALCMD.EXE"
{B495D463-F411-437A-9894-7D8ACE9B7C9A}
C:\windows\system32\WLANExt.exe 3580256
{9EF4EE0C-241F-43D1-A788-3141126618EB}
\??\C:\windows\system32\conhost.exe "31017818-1787069236-930421056-824590871-389234892-19205822072280278496245301
taskeng.exe {4D2837D8-5BBA-4DC6-8B42-66D4E1879D96}
C:\Users\Dopa\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\PrintIsolationHost.exe -Embedding
"C:\Program Files\UltraVNC\winvnc.exe" -service_run
rundll32.exe "C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll",RunSkypePluginUninstall C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Preferences
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.029DF540.1721249442 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.05118700.885460569 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.05118C40.831723822 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.05118E00.378471971 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.049908C0.687340249 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.04223A80.920860406 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.0571C000.1676272877 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.0571C380.908990523 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.0571C700.395163673 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.068EC000.927989121 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.068EC1C0.1733972417 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.068EC380.1756761539 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.06E46000.951607057 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.06E46540.1134311647 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel=6944.029EF700.1410825538 /prefetch:3
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll" --lang=cs --channel=6944.05113500.198177524 /prefetch:4
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-69ac596c-e8cd-4289-81c0-d3ec9f9891f9 -SystemEventPortName:HostProcess-447806fa-d720-4372-b155-ab5dd2430d59 -IoCancelEventPortName:HostProcess-8810a66a-0ea5-4cfb-890a-4a2af6f59532 -NonStateChangingEventPortName:HostProcess-b39da2b0-416e-417e-8138-f01774998179 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4b30740b-d43f-454f-8785-84fce5c5f2dc
C:\windows\system32\rundll32.exe "C:\Users\Dopa\AppData\Local\Google\Chrome\USERDA~1\NPAPIF~1\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Dopa\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll" --lang=cs --channel=6944.0DC27EB0.993036766 --flash-broker=7340 /prefetch:4
"C:\Users\Dopa\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Dopa\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll" --lang=cs --channel=6944.0C493D70.1758881441 /prefetch:4
"C:\Users\Dopa\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe"
C:\windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\system32\wbem\WmiApSrv.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Users\Dopa\Downloads\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Dopa\AppData\Roaming\Mozilla\Firefox\Profiles\d80jhzfo.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, bkmrksync@nokia.com:1.0.0.732, dwnlink@rapidzasms.cz:1.0, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {f701c26a-479a-4724-b4f1-870db12f063c}:1.4.4, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npLegitCheckPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Dopa\AppData\Roaming\Mozilla\Firefox\Profiles\d80jhzfo.default\searchplugins\
icqplugin-1.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-22 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-02-21 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-21 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-15 2095400]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-23 10775072]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2916584]
"Broadcom Wireless Manager UI"=C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [2011-05-01 5712896]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-04-04 3521424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"KiesHelper"=C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2012-04-04 954256]
"KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-04-04 21392]
"GRemoteServer Pro"=C:\Program Files (x86)\GBM\GRemote Pro\GRemoteServer.exe [2011-08-16 2818528]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29 17148552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24 409744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2010-09-23 391144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-09-23 5502312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dopa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Dopa\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-04-26 27264496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dopa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~2\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dopa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-09-08 343168]
"SAOB Monitor"=C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2010-09-02 2536752]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Dopa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Dopa\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=95

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 1 month======

2012-05-01 10:38:34 ----A---- C:\windows\ntbtlog.txt
2012-04-29 19:28:35 ----D---- C:\_OTL
2012-04-26 11:11:41 ----D---- C:\Program Files\UltraVNC
2012-04-26 09:30:37 ----D---- C:\rsit
2012-04-23 21:50:13 ----D---- C:\Users\Dopa\AppData\Roaming\Google Chrome Backup
2012-04-23 21:49:41 ----D---- C:\Program Files (x86)\Google Chrome Backup
2012-04-17 15:07:19 ----D---- C:\Program Files (x86)\VMware
2012-04-14 09:33:10 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2012-04-14 09:33:10 ----A---- C:\windows\system32\mshtmled.dll
2012-04-14 09:33:09 ----A---- C:\windows\SYSWOW64\iertutil.dll
2012-04-14 09:33:09 ----A---- C:\windows\system32\iertutil.dll
2012-04-14 09:33:08 ----A---- C:\windows\SYSWOW64\url.dll
2012-04-14 09:33:08 ----A---- C:\windows\SYSWOW64\ieui.dll
2012-04-14 09:33:08 ----A---- C:\windows\system32\url.dll
2012-04-14 09:33:08 ----A---- C:\windows\system32\jscript9.dll
2012-04-14 09:33:08 ----A---- C:\windows\system32\ieui.dll
2012-04-14 09:33:07 ----A---- C:\windows\SYSWOW64\urlmon.dll
2012-04-14 09:33:07 ----A---- C:\windows\SYSWOW64\jscript9.dll
2012-04-14 09:33:07 ----A---- C:\windows\SYSWOW64\jscript.dll
2012-04-14 09:33:07 ----A---- C:\windows\system32\jscript.dll
2012-04-14 09:33:06 ----A---- C:\windows\system32\urlmon.dll
2012-04-14 09:33:06 ----A---- C:\windows\system32\jsproxy.dll
2012-04-14 09:33:05 ----A---- C:\windows\SYSWOW64\wininet.dll
2012-04-14 09:33:04 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2012-04-14 09:33:04 ----A---- C:\windows\system32\wininet.dll
2012-04-14 09:33:03 ----A---- C:\windows\SYSWOW64\mshtml.dll
2012-04-14 09:33:01 ----A---- C:\windows\system32\mshtml.dll
2012-04-14 09:33:00 ----A---- C:\windows\SYSWOW64\ieframe.dll
2012-04-14 09:32:58 ----A---- C:\windows\system32\ieframe.dll
2012-04-11 08:05:29 ----A---- C:\windows\system32\ntoskrnl.exe
2012-04-11 08:05:26 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2012-04-11 08:05:24 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2012-04-11 07:59:47 ----A---- C:\windows\system32\drivers\fs_rec.sys
2012-04-11 07:59:46 ----A---- C:\windows\SYSWOW64\wmi.dll
2012-04-11 07:59:46 ----A---- C:\windows\SYSWOW64\wintrust.dll
2012-04-11 07:59:46 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2012-04-11 07:59:46 ----A---- C:\windows\system32\wmi.dll
2012-04-11 07:59:46 ----A---- C:\windows\system32\wintrust.dll
2012-04-11 07:59:46 ----A---- C:\windows\system32\imagehlp.dll
2012-04-10 21:42:55 ----D---- C:\Program Files\Nokia
2012-04-10 19:29:11 ----A---- C:\windows\system32\drivers\pccsmcfdx64.sys
2012-04-10 19:29:02 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2012-04-10 18:31:09 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2012-04-10 18:12:24 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2012-04-10 17:54:33 ----D---- C:\Program Files (x86)\COMPlus Applications
2012-04-10 17:25:53 ----D---- C:\Program Files (x86)\ODEON
2012-04-09 20:10:38 ----D---- C:\Program Files (x86)\LooksBuilder

======List of files/folders modified in the last 1 month======

2012-05-03 10:52:10 ----D---- C:\windows\Temp
2012-05-03 10:52:05 ----D---- C:\Program Files\trend micro
2012-05-03 10:38:45 ----D---- C:\Users\Dopa\AppData\Roaming\Skype
2012-05-03 10:21:04 ----SHD---- C:\System Volume Information
2012-05-03 10:09:52 ----D---- C:\_ZALOHY
2012-05-03 09:56:51 ----D---- C:\windows\System32
2012-05-03 09:56:51 ----D---- C:\windows\inf
2012-05-03 09:56:51 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-05-03 09:16:34 ----D---- C:\windows\system32\config
2012-05-02 20:17:08 ----D---- C:\Users\Dopa\AppData\Roaming\Dropbox
2012-05-02 19:33:24 ----SHD---- C:\$Recycle.Bin
2012-05-02 18:02:00 ----D---- C:\windows\system32\NDF
2012-05-02 17:06:25 ----D---- C:\windows\system32\DriverStore
2012-05-02 17:05:01 ----D---- C:\Users\Dopa\AppData\Roaming\ICQ
2012-05-02 09:00:49 ----D---- C:\windows\Microsoft.NET
2012-05-02 08:30:53 ----SHD---- C:\windows\Installer
2012-05-02 08:30:36 ----D---- C:\windows\SysWOW64
2012-05-02 08:30:35 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2012-05-02 08:29:44 ----RSD---- C:\windows\assembly
2012-05-01 18:32:54 ----D---- C:\windows\system32\drivers\etc
2012-05-01 18:32:33 ----D---- C:\windows\Tasks
2012-05-01 18:32:30 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-01 10:38:34 ----D---- C:\Windows
2012-04-28 21:40:44 ----RSD---- C:\windows\Fonts
2012-04-27 08:56:43 ----RD---- C:\Program Files (x86)\Skype
2012-04-27 08:56:43 ----D---- C:\Program Files (x86)\Common Files
2012-04-27 08:56:36 ----D---- C:\ProgramData\Skype
2012-04-26 14:03:18 ----D---- C:\Dopa
2012-04-26 11:11:41 ----RD---- C:\Program Files
2012-04-26 10:26:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-04-25 21:48:33 ----D---- C:\Users\Dopa\AppData\Roaming\VMware
2012-04-23 21:49:41 ----RD---- C:\Program Files (x86)
2012-04-23 21:08:28 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-04-22 19:09:50 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-22 19:09:42 ----D---- C:\windows\system32\drivers
2012-04-21 10:14:48 ----D---- C:\windows\Prefetch
2012-04-19 11:45:43 ----D---- C:\windows\debug
2012-04-17 16:55:36 ----D---- C:\_PRACE
2012-04-17 15:08:01 ----D---- C:\ProgramData\VMware
2012-04-16 13:31:46 ----D---- C:\Users\Dopa\AppData\Roaming\Mozilla
2012-04-16 13:23:04 ----D---- C:\Users\Dopa\AppData\Roaming\Acronis
2012-04-16 13:19:46 ----D---- C:\windows\winsxs
2012-04-16 13:17:16 ----D---- C:\Program Files\Internet Explorer
2012-04-16 13:17:16 ----D---- C:\Program Files (x86)\Internet Explorer
2012-04-16 13:17:15 ----D---- C:\windows\SYSWOW64\migration
2012-04-16 13:17:15 ----D---- C:\windows\system32\migration
2012-04-14 23:24:39 ----D---- C:\windows\system32\Tasks
2012-04-14 09:33:40 ----D---- C:\windows\system32\catroot
2012-04-14 09:33:39 ----D---- C:\windows\system32\catroot2
2012-04-12 07:30:15 ----D---- C:\ProgramData\Microsoft Help
2012-04-11 08:00:10 ----A---- C:\windows\system32\MRT.exe
2012-04-10 21:08:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-04-10 21:02:19 ----D---- C:\Program Files (x86)\Nokia
2012-04-10 19:29:11 ----DC---- C:\windows\system32\DRVSTORE
2012-04-10 19:24:21 ----D---- C:\Users\Dopa\AppData\Roaming\Nokia
2012-04-10 19:21:43 ----D---- C:\ProgramData\Installations
2012-04-10 18:00:37 ----D---- C:\ProgramData\Nokia
2012-04-10 17:58:51 ----D---- C:\windows\registration
2012-04-10 17:16:39 ----D---- C:\_SOFT
2012-04-10 14:15:37 ----D---- C:\windows\system32\drivers\UMDF
2012-04-05 21:04:13 ----A---- C:\windows\ODBC.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 BtHidBus;Bluetooth HID Bus Service; C:\windows\System32\Drivers\BtHidBus.sys [2010-04-06 23944]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\windows\system32\DRIVERS\snapman.sys [2012-03-07 277088]
R0 speedfan;speedfan; C:\windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\windows\system32\DRIVERS\tdrpm273.sys [2012-03-07 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\windows\system32\DRIVERS\timntr.sys [2012-03-07 970336]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R1 NetworkX;NetworkX; C:\windows\syswow64\ckldrv.sys [2006-01-10 31846]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 168544]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-08-06 11576]
R3 afcdp;afcdp; C:\windows\system32\DRIVERS\afcdp.sys [2012-03-07 279136]
R3 amdiox64;AMD IO Driver; C:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-09-08 10203648]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-09-08 310784]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-03-09 123408]
R3 BCM42RLY;BCM42RLY; C:\windows\system32\drivers\BCM42RLY.sys [2011-05-01 22592]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\windows\system32\DRIVERS\bcmwl664.sys [2011-05-01 3060800]
R3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-04-29 340520]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-04-29 102440]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-04-29 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-04-29 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-04-29 21544]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
R3 GRemoteBus;GRemote virtual joystick Bus Enumerator; C:\windows\system32\DRIVERS\GRemoteBus64.sys [2009-08-05 27336]
R3 GRemoteJoy;GRemote virtual joystick Device Driver; C:\windows\system32\DRIVERS\GRemoteJoy64.sys [2009-08-05 46792]
R3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-04-23 2356000]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
R3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2010-11-20 82816]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-05-07 245792]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-04-15 319536]
R3 usbfilter;AMD USB Filter Driver; C:\windows\system32\DRIVERS\usbfilter.sys [2009-06-04 34872]
S2 Aspi32;Aspi32; C:\windows\System32\drivers\aspi32.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BT;Bluetooth PAN Network Adapter; C:\windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\windows\System32\Drivers\btcombus.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\windows\System32\Drivers\btnetBus.sys [2010-04-06 30088]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2011-10-27 95928]
S3 dgderdrv;dgderdrv; C:\windows\System32\drivers\dgderdrv.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 13824]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\windows\System32\Drivers\IvtBtBus.sys [2010-04-06 27016]
S3 kvnet;Kerio Virtual Network Adapter; C:\windows\system32\DRIVERS\kvnet.sys [2010-07-15 30720]
S3 kwflower;Kerio Control - Lower Layer Driver; C:\windows\system32\DRIVERS\kwflower.sys []
S3 netfilter;Netfilter; C:\windows\system32\DRIVERS\netfilter.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 QWARQNet;Qwarq Virtual Miniport; C:\windows\system32\DRIVERS\QWARQNet.sys []
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-10-27 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 177640]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2011-10-27 203320]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-04-19 16448]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\windows\system32\DRIVERS\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-10-03 146736]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\windows\system32\DRIVERS\vmnetadapter.sys []
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\windows\System32\DRIVERS\vserial.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 1079376]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-03-07 3975088]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-09-08 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-08 361984]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-04-29 944928]
R2 CDMA Device Service;CDMA Device Service; C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe [2011-08-02 159232]
R2 Crypkey License;Crypkey License; C:\windows\SYSTEM32\crypserv.exe [2008-05-08 122880]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
R2 uvnc_service;uvnc_service; C:\Program Files\UltraVNC\winvnc.exe [2012-02-14 2169056]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 253088]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 42360]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-29 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-06 655624]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-11-05 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\windows\System32\tlntsvr.exe [2009-07-14 81920]

-----------------EOF-----------------

Re: Prosím o kontrolu logu.

Napsal: 03 kvě 2012 11:08
od vyosek
:arrow: Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam :arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A je to :|

Re: Prosím o kontrolu logu.

Napsal: 03 kvě 2012 11:17
od dopa
super.. Spybot jsem zapomněl odebrat, už je pryč..

CCleaner používám cca jednou za měsíc. budu používat častěji.
ostatní pustím, až u něj budu.. :)
běží znatelně rychleji... už se na něm dá dělat :)
jen se dost přehřívá, což taky bude příčina zpomalování, ale to je věc jiná... vyčistím ventilátor a dám novou teplovodivou pastu

Děkuji moc za pomoc..

Re: Prosím o kontrolu logu.

Napsal: 03 kvě 2012 13:05
od vyosek
Neni zac, rado se stalo :worship:
Všechny časy jsou v UTC+01:00
Stránka 2 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz