VIRY.CZ

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : MM [Práva správce]
Mód : Kontrola -- Datum : 10/29/2013 21:48:11
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 5 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\MM\AppData\Local\Pokki\ocdeskband_0.dll [x] -> ODEBRÁNO
[SUSP PATH][DLL] explorer.exe -- C:\Users\MM\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll [x] -> ODEBRÁNO
[SUSP PATH] icq.exe -- C:\Users\MM\AppData\Roaming\ICQM\icq.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] pokki.exe -- C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] pokki.exe -- C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe [7] -> SMAZÁNO [TermThr]
[SUSP PATH] pokki.exe -- C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe [7] -> SMAZÁNO [TermThr]

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ICQ (C:\Users\MM\AppData\Roaming\ICQM\icq.exe -CU [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : Pokki (C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll",RunLaunchDeskband [7][7][x]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1107837428-173974533-547177936-1000\[...]\Run : ICQ (C:\Users\MM\AppData\Roaming\ICQM\icq.exe -CU [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1107837428-173974533-547177936-1000\[...]\Run : Pokki (C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll",RunLaunchDeskband [7][7][x]) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][ROGUE ST] 4335 : wscript.exe - C:\Users\MM\AppData\Local\Temp\launchie.vbs //B -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5002ABYS-01B1B0 ATA Device +++++
--- User ---
[MBR] 9a260c2a1d91f520e1a93bd89d194c89
[BSP] 26eeeecc544f439add5a660bcab7a695 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD1001FALS-00J7B0 ATA Device +++++
--- User ---
[MBR] 046f82dd9fbb385af6574b89c3eaa8e5
[BSP] 18d8e6a0aceb0637c665c39574fbdb69 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_10292013_214811.txt >>

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : MM [Práva správce]
Mód : Odebrat -- Datum : 10/30/2013 16:38:43
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 5 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\MM\AppData\Local\Pokki\ocdeskband_0.dll [x] -> ODEBRÁNO
[SUSP PATH][DLL] explorer.exe -- C:\Users\MM\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll [x] -> ODEBRÁNO
[SUSP PATH] pokki.exe -- C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] pokki.exe -- C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe [7] -> SMAZÁNO [TermThr]
[SUSP PATH] icq.exe -- C:\Users\MM\AppData\Roaming\ICQM\icq.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] pokki.exe -- C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe [7] -> SMAZÁNO [TermThr]

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ICQ (C:\Users\MM\AppData\Roaming\ICQM\icq.exe -CU [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : Pokki (C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll",RunLaunchDeskband [7][7][x]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-1107837428-173974533-547177936-1000\[...]\Run : ICQ (C:\Users\MM\AppData\Roaming\ICQM\icq.exe -CU [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-1107837428-173974533-547177936-1000\[...]\Run : Pokki (C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll",RunLaunchDeskband [7][7][x]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][ROGUE ST] 4335 : wscript.exe - C:\Users\MM\AppData\Local\Temp\launchie.vbs //B -> VYMAZÁNO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5002ABYS-01B1B0 ATA Device +++++
--- User ---
[MBR] 9a260c2a1d91f520e1a93bd89d194c89
[BSP] 26eeeecc544f439add5a660bcab7a695 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD1001FALS-00J7B0 ATA Device +++++
--- User ---
[MBR] 046f82dd9fbb385af6574b89c3eaa8e5
[BSP] 18d8e6a0aceb0637c665c39574fbdb69 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10302013_163843.txt >>
RKreport[0]_S_10292013_214811.txt;RKreport[0]_S_10302013_163839.txt


RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : MM [Práva správce]
Mód : Oprava HOSTS -- Datum : 10/30/2013 16:39:39
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 5 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\MM\AppData\Local\Pokki\ocdeskband_0.dll [x] -> ODEBRÁNO
[SUSP PATH][DLL] explorer.exe -- C:\Users\MM\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll [x] -> ODEBRÁNO
[SUSP PATH] pokki.exe -- C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] pokki.exe -- C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe [7] -> SMAZÁNO [TermThr]
[SUSP PATH] icq.exe -- C:\Users\MM\AppData\Roaming\ICQM\icq.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] pokki.exe -- C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe [7] -> SMAZÁNO [TermThr]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_10302013_163939.txt >>
RKreport[0]_D_10302013_163843.txt;RKreport[0]_S_10292013_214811.txt;RKreport[0]_S_10302013_163839.txt

Dejte novy log z RSIT

Zopakujte sken s OTL (vcetne zkopirovani toho textu) a dejte jeho log.

Logfile of random's system information tool 1.09 (written by random/random)
Run by MM at 2013-10-30 22:20:13
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 357 GB (75%) free of 477 GB
Total RAM: 3326 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:20:17, on 30.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Genie9\Genie Timeline\GenieTimelineAgent.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe
C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe
C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Common Files\Corel\Standby\Standby.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
D:\DATA_07 Instalace\PC údržba_instal\RSIT (4).exe
C:\Program Files\trend micro\MM.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files\Soda PDF 5\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files\Soda PDF 5\PDFIEPlugin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Standby] "c:\Program Files\Common Files\Corel\Standby\Standby.exe" -START
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Google Update] "C:\Users\MM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\MM\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\MM\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0 ... rol_32.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie9 - C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Soda PDF 5 Helper Service - LULU Software - C:\Program Files\Soda PDF 5\HelperService.exe
O23 - Service: Soda PDF 5 Service - LULU Software - C:\Program Files\Soda PDF 5\ConversionService.exe

--
End of file - 8802 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000UA.job
C:\Windows\tasks\Torntv 2-codedownloader.job
C:\Windows\tasks\Torntv 2-enabler.job
C:\Windows\tasks\Torntv 2-updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"FFSodaPDF5Converter@sodapdf.com"=C:\Program Files\Soda PDF 5\FFSoda5Ext


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/AuthorwarePlayer]
"Description"=Adobe Authorware Player
"Path"=C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions\
staged
trash
WebSiteRecommendation@weliketheweb.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-19 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C737F472-1193-4281-BF53-A00B67AB3E19}]
Soda PDF 5 IE Helper - C:\Program Files\Soda PDF 5\PDFIEHelper.dll [2013-01-25 91488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - Soda PDF 5 IE Toolbar - C:\Program Files\Soda PDF 5\PDFIEPlugin.dll [2013-01-25 691040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2013-02-05 11738184]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 995176]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-04-03 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Standby"=c:\Program Files\Common Files\Corel\Standby\Standby.exe [2010-05-17 105632]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-09-17 152392]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912]
"Google Update"=C:\Users\MM\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-04 116648]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe

C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=L3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"msacm.aacacm"=AACACM.acm
"msacm.ac3acm"=AC3ACM.acm
"VIDC.CSCD"=CamCodec.dll
"VIDC.CFHD"=CFHD.dll
"msacm.lameacm"=LameACM.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.MLCY"=mlc.dll
"VIDC.ULRA"=C:\Windows\system32\utv_vcm.dll
"VIDC.ULRG"=C:\Windows\system32\utv_vcm.dll
"VIDC.ULY0"=C:\Windows\system32\utv_vcm.dll
"VIDC.ULY2"=C:\Windows\system32\utv_vcm.dll
"vidc.x264"=C:\PROGRA~1\x264vfw\x264vfw.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.VP80"=vp8vfw.dll
"VIDC.IV50"=ir50_32.dll
"VIDC.IV41"=ir41_32.dll
"msacm.iac2"=iac25_32.ax
"VIDC.GEOX"=GeoCodec.dll
"VIDC.GEOV"=GeoCodec.dll
"VIDC.GEOS"=GeoCodecD.dll
"VIDC.VMnc"=vmnc.dll
"vidc.dvsd"=pdvcodec.dll
"msacm.dvacm"=c:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-10-27 18:08:23 ----D---- C:\AdwCleaner
2013-10-27 10:36:58 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2013-10-26 21:35:17 ----D---- C:\Users\MM\AppData\Roaming\Malwarebytes
2013-10-26 21:35:03 ----D---- C:\ProgramData\Malwarebytes
2013-10-26 10:02:48 ----D---- C:\tmp
2013-10-26 10:02:48 ----D---- C:\output
2013-10-25 22:00:53 ----D---- C:\Program Files\trend micro
2013-10-25 21:59:35 ----D---- C:\rsit
2013-10-25 10:05:40 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-25 10:05:40 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-25 10:05:39 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-25 10:05:39 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-25 10:05:39 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-25 10:05:39 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-25 10:05:39 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-24 21:14:46 ----D---- C:\Program Files\Mozilla Thunderbird
2013-10-19 09:33:39 ----D---- C:\Program Files\Common Files\Java
2013-10-19 09:33:32 ----A---- C:\Windows\system32\javaws.exe
2013-10-19 09:33:26 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-10-19 09:33:26 ----A---- C:\Windows\system32\javaw.exe
2013-10-19 09:33:26 ----A---- C:\Windows\system32\java.exe
2013-10-19 09:11:11 ----D---- C:\ProgramData\Oracle
2013-10-19 08:55:44 ----D---- C:\ProgramData\Sun
2013-10-18 08:51:15 ----D---- C:\Windows\Sun
2013-10-11 09:42:32 ----A---- C:\Windows\system32\jscript9.dll
2013-10-11 09:42:32 ----A---- C:\Windows\system32\jscript.dll
2013-10-11 09:42:31 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-11 09:42:31 ----A---- C:\Windows\system32\iesetup.dll
2013-10-11 09:42:30 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-11 09:42:30 ----A---- C:\Windows\system32\ieui.dll
2013-10-11 09:42:30 ----A---- C:\Windows\system32\iernonce.dll
2013-10-11 09:42:30 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-11 09:42:29 ----A---- C:\Windows\system32\urlmon.dll
2013-10-11 09:42:29 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 09:42:29 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-11 09:42:29 ----A---- C:\Windows\system32\iertutil.dll
2013-10-11 09:42:27 ----A---- C:\Windows\system32\wininet.dll
2013-10-11 09:42:27 ----A---- C:\Windows\system32\ieframe.dll
2013-10-11 09:42:24 ----A---- C:\Windows\system32\mshtml.dll
2013-10-11 07:52:29 ----A---- C:\Windows\system32\comctl32.dll
2013-10-11 07:52:27 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-11 07:52:27 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-11 07:52:26 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-11 07:52:24 ----A---- C:\Windows\system32\mswsock.dll
2013-10-11 07:52:24 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-11 07:52:24 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-11 07:52:23 ----A---- C:\Windows\system32\drivers\usbser.sys
2013-10-11 07:52:21 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-11 07:52:18 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-10-11 07:52:17 ----A---- C:\Windows\system32\tdh.dll
2013-10-11 07:52:17 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-11 07:52:17 ----A---- C:\Windows\system32\ntdll.dll
2013-10-11 07:52:16 ----A---- C:\Windows\system32\advapi32.dll
2013-10-11 07:52:13 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 07:52:11 ----A---- C:\Windows\system32\lpk.dll
2013-10-11 07:52:11 ----A---- C:\Windows\system32\fontsub.dll
2013-10-11 07:52:11 ----A---- C:\Windows\system32\dciman32.dll
2013-10-11 07:52:11 ----A---- C:\Windows\system32\atmlib.dll
2013-10-11 07:52:11 ----A---- C:\Windows\system32\atmfd.dll
2013-10-11 07:52:09 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-11 07:52:05 ----A---- C:\Windows\system32\win32k.sys
2013-10-11 07:52:00 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-11 07:52:00 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-11 07:52:00 ----A---- C:\Windows\system32\davclnt.dll
2013-10-11 07:51:58 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-11 07:51:57 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-09 22:04:45 ----D---- C:\Users\MM\AppData\Roaming\ICQM
2013-10-09 22:04:25 ----D---- C:\Users\MM\AppData\Roaming\ICQ-Profile
2013-10-05 17:02:56 ----D---- C:\Program Files\WebSite X5 v10 - Home
2013-10-05 16:37:33 ----D---- C:\Users\MM\AppData\Roaming\Ashampoo Slideshow Studio 2013

======List of files/folders modified in the last 1 month======

2013-10-30 22:20:17 ----D---- C:\Windows\Prefetch
2013-10-30 22:19:56 ----D---- C:\Windows\Temp
2013-10-30 20:34:47 ----D---- C:\Users\MM\AppData\Roaming\Dropbox
2013-10-30 18:16:57 ----D---- C:\Windows\system32\config
2013-10-30 16:41:04 ----D---- C:\Windows\System32
2013-10-30 16:38:42 ----D---- C:\Windows\system32\Tasks
2013-10-30 16:38:26 ----D---- C:\Windows\system32\drivers
2013-10-30 09:11:45 ----D---- C:\Windows\system32\catroot2
2013-10-29 21:44:14 ----SHD---- C:\System Volume Information
2013-10-28 18:25:28 ----D---- C:\Windows\Tasks
2013-10-28 18:25:18 ----RD---- C:\Program Files
2013-10-28 18:25:18 ----HD---- C:\ProgramData
2013-10-28 09:20:33 ----D---- C:\Windows\inf
2013-10-28 09:20:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-27 14:08:20 ----D---- C:\Users\MM\AppData\Roaming\GeoGet
2013-10-27 13:34:53 ----D---- C:\Program Files\GeoGet
2013-10-27 13:29:27 ----D---- C:\Windows\system32\NDF
2013-10-26 07:54:34 ----D---- C:\Windows\winsxs
2013-10-26 07:51:47 ----D---- C:\Windows\system32\DriverStore
2013-10-25 21:46:34 ----D---- C:\Program Files\CCleaner
2013-10-25 10:05:02 ----D---- C:\Windows\system32\catroot
2013-10-25 08:48:25 ----D---- C:\Program Files\Mozilla Firefox
2013-10-25 08:36:26 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-10-19 09:33:40 ----SHD---- C:\Windows\Installer
2013-10-19 09:33:39 ----D---- C:\Program Files\Common Files
2013-10-18 08:51:15 ----D---- C:\Windows
2013-10-13 15:52:06 ----D---- C:\Garmin
2013-10-13 07:26:24 ----D---- C:\Windows\system32\wdi
2013-10-12 10:22:06 ----D---- C:\Users\MM\AppData\Roaming\Corel
2013-10-11 19:00:52 ----D---- C:\Users\MM\AppData\Roaming\Vso
2013-10-11 17:10:54 ----D---- C:\Windows\rescache
2013-10-11 16:41:30 ----D---- C:\Windows\Microsoft.NET
2013-10-11 16:41:04 ----RSD---- C:\Windows\assembly
2013-10-11 16:15:08 ----D---- C:\Windows\system32\en-US
2013-10-11 16:15:08 ----D---- C:\Windows\system32\cs-CZ
2013-10-11 16:15:07 ----D---- C:\Program Files\Internet Explorer
2013-10-11 09:48:52 ----D---- C:\Windows\system32\MRT
2013-10-11 09:43:06 ----A---- C:\Windows\system32\MRT.exe
2013-10-09 22:13:46 ----D---- C:\Program Files\Microsoft Security Client
2013-10-09 22:04:11 ----D---- C:\Users\MM\AppData\Roaming\ICQ
2013-10-05 16:58:12 ----D---- C:\Windows\SoftwareDistribution
2013-10-05 16:37:06 ----D---- C:\ProgramData\Ashampoo
2013-10-05 16:37:03 ----D---- C:\Program Files\Ashampoo
2013-10-03 20:54:46 ----D---- C:\Fotografie-iPad
2013-10-03 20:53:36 ----D---- C:\Program Files\KMPlayer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2012-09-17 106296]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-29 9164800]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-28 265216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2013-02-05 2602888]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2013-06-02 47360]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2012-12-27 614624]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-29 9164800]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-10-27 40776]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\Windows\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-28 163328]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 GenieTimelineService;Genie Timeline Service; C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe [2012-04-11 299648]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 22208]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Soda PDF 5 Helper Service;Soda PDF 5 Helper Service; C:\Program Files\Soda PDF 5\HelperService.exe [2013-01-25 1237856]
R2 Soda PDF 5 Service;Soda PDF 5 Service; C:\Program Files\Soda PDF 5\ConversionService.exe [2013-01-25 877920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 553288]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 295376]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2013-06-14 77944]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-06-02 1045256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-24 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-30 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

OTL logfile created on: 30.10.2013 22:22:19 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MM\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 52,46% Memory free
6,50 Gb Paging File | 4,77 Gb Available in Paging File | 73,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 348,75 Gb Free Space | 74,88% Space Free | Partition Type: NTFS
Drive D: | 931,28 Gb Total Space | 376,86 Gb Free Space | 40,47% Space Free | Partition Type: FAT32

Computer Name: MM-PC | User Name: MM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.10.26 19:46:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MM\Desktop\OTL.exe
PRC - [2013.08.12 09:12:38 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013.08.12 09:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.08.12 09:11:20 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.06.06 02:02:22 | 007,519,512 | ---- | M] (Pokki) -- C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe
PRC - [2013.05.29 22:20:09 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013.05.25 01:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.19 00:45:32 | 001,090,912 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2013.04.18 10:06:42 | 000,737,616 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2013.04.18 10:06:32 | 000,179,024 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2013.04.18 10:06:26 | 000,127,312 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2013.04.18 10:06:24 | 000,158,032 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2013.01.25 16:42:00 | 001,237,856 | ---- | M] (LULU Software) -- C:\Program Files\Soda PDF 5\HelperService.exe
PRC - [2013.01.25 16:42:00 | 000,877,920 | ---- | M] (LULU Software) -- C:\Program Files\Soda PDF 5\ConversionService.exe
PRC - [2012.04.11 13:18:48 | 001,403,008 | ---- | M] (Genie9) -- C:\Program Files\Genie9\Genie Timeline\GenieTimeLineAgent.exe
PRC - [2012.04.11 13:18:48 | 000,299,648 | ---- | M] (Genie9) -- C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe
PRC - [2012.03.28 23:19:32 | 000,405,504 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.03.28 23:18:56 | 000,163,328 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.05.17 16:03:14 | 000,105,632 | ---- | M] (Corel) -- C:\Program Files\Common Files\Corel\Standby\Standby.exe
PRC - [2008.06.24 15:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008.03.20 19:23:22 | 000,083,240 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2007.12.06 20:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.04.03 17:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007.02.04 11:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe


========== Modules (No Company Name) ==========

MOD - [2013.10.09 22:04:53 | 000,304,976 | ---- | M] () -- C:\Users\MM\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll
MOD - [2013.10.09 01:02:43 | 000,415,184 | ---- | M] () -- C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013.10.09 01:02:41 | 004,055,504 | ---- | M] () -- C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013.10.09 01:01:50 | 000,698,832 | ---- | M] () -- C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013.10.09 01:01:49 | 000,099,792 | ---- | M] () -- C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013.10.09 01:01:47 | 001,604,560 | ---- | M] () -- C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013.06.06 02:02:24 | 001,517,848 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\ocdeskband_0.dll
MOD - [2013.04.19 00:46:32 | 000,276,832 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
MOD - [2013.04.19 00:46:32 | 000,093,024 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\qjson.dll
MOD - [2013.04.19 00:46:16 | 002,653,024 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2013.04.19 00:46:16 | 000,364,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
MOD - [2013.04.19 00:46:14 | 011,166,560 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2013.04.19 00:46:12 | 001,346,912 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
MOD - [2013.04.19 00:46:12 | 000,206,176 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
MOD - [2013.04.19 00:46:10 | 001,014,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2013.04.19 00:46:10 | 000,720,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2013.04.19 00:46:08 | 008,507,232 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
MOD - [2013.04.19 00:46:08 | 000,520,544 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2013.04.19 00:46:06 | 002,480,992 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2013.04.19 00:46:06 | 002,354,016 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
MOD - [2013.04.19 00:46:02 | 000,446,304 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2013.04.19 00:45:58 | 000,207,200 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2013.04.19 00:45:58 | 000,035,680 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2013.04.19 00:45:56 | 000,033,120 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2013.04.19 00:45:28 | 000,438,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
MOD - [2013.04.19 00:44:48 | 000,606,560 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2013.04.15 12:26:16 | 000,391,600 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
MOD - [2013.04.15 12:26:16 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
MOD - [2013.03.13 21:48:52 | 024,978,944 | ---- | M] () -- C:\Users\MM\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.01.26 03:53:28 | 000,716,288 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\libGLESv2.dll
MOD - [2013.01.26 03:53:28 | 000,569,856 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
MOD - [2013.01.26 03:53:28 | 000,130,048 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\libEGL.dll
MOD - [2013.01.25 23:07:56 | 001,400,846 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\avcodec-54.dll
MOD - [2013.01.25 23:07:54 | 000,222,734 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\avformat-54.dll
MOD - [2013.01.25 23:07:54 | 000,151,054 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\avutil-51.dll
MOD - [2012.11.14 00:32:50 | 003,558,400 | ---- | M] () -- C:\Users\MM\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012.08.27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.04.11 10:38:06 | 000,601,600 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSBackupManager.gtl
MOD - [2012.04.11 10:38:06 | 000,396,288 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSIndexDB.gtl
MOD - [2012.04.11 10:38:06 | 000,396,288 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSIndexDB.dll
MOD - [2012.04.11 10:38:06 | 000,282,624 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\OnlineHandler.gtl
MOD - [2012.04.11 10:38:06 | 000,282,624 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\OnlineHandler.dll
MOD - [2012.04.11 10:38:06 | 000,280,064 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSWatcher4.gtl
MOD - [2012.04.11 10:38:06 | 000,168,960 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\Settings.gtl
MOD - [2012.04.11 10:38:06 | 000,168,960 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\Settings.dll
MOD - [2012.04.11 10:38:06 | 000,158,208 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSTimelineIconOverlay.gtl
MOD - [2012.04.11 10:38:06 | 000,071,168 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\QueueManager.gtl
MOD - [2012.04.11 10:38:06 | 000,071,168 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\QueueManager.dll
MOD - [2012.04.11 10:38:06 | 000,059,392 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\XBalloonMsgDll.dll
MOD - [2012.04.11 10:38:06 | 000,045,056 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSLogManager.gtl
MOD - [2012.03.22 10:32:32 | 000,080,384 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSEncryption.gtl
MOD - [2012.03.22 10:32:32 | 000,080,384 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSEncryption.dll
MOD - [2012.03.22 10:32:32 | 000,072,704 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSCurl.dll
MOD - [2012.03.22 10:32:32 | 000,043,008 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSLibrariesManager.gtl
MOD - [2012.03.22 10:32:32 | 000,043,008 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSLibrariesManager.dll
MOD - [2012.03.22 10:32:32 | 000,038,400 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSLogging.gtl
MOD - [2012.03.22 10:32:32 | 000,038,400 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSLogging.dll
MOD - [2012.03.22 10:32:32 | 000,010,752 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\RWLock.gtl
MOD - [2012.03.22 10:32:32 | 000,010,752 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\RWLock.dll
MOD - [2012.02.02 10:16:20 | 000,923,136 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\sqlite3.gtl
MOD - [2012.02.02 10:16:20 | 000,923,136 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\sqlite3.dll
MOD - [2012.02.02 10:16:20 | 000,009,728 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\VSSEngine_Proxy.gtl


========== Services (SafeList) ==========

SRV - [2013.10.24 21:15:02 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.08.12 09:12:38 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.08.12 09:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.06.14 21:50:24 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2013.06.03 15:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.06.02 14:59:50 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013.05.30 16:52:21 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.18 10:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013.01.25 16:42:00 | 001,237,856 | ---- | M] (LULU Software) [Auto | Running] -- C:\Program Files\Soda PDF 5\HelperService.exe -- (Soda PDF 5 Helper Service)
SRV - [2013.01.25 16:42:00 | 000,877,920 | ---- | M] (LULU Software) [Auto | Running] -- C:\Program Files\Soda PDF 5\ConversionService.exe -- (Soda PDF 5 Service)
SRV - [2012.04.11 13:18:48 | 000,299,648 | ---- | M] (Genie9) [Auto | Running] -- C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe -- (GenieTimelineService)
SRV - [2012.03.28 23:18:56 | 000,163,328 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2007.12.06 20:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - [2013.10.27 10:36:58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013.06.18 20:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013.01.23 09:31:52 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2013.01.23 09:31:52 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2013.01.23 09:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2013.01.23 09:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2013.01.23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2013.01.23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012.10.17 13:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.09.17 12:05:08 | 000,106,296 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2012.08.23 15:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2012.08.23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 15:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012.08.23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.03.29 04:29:06 | 009,164,800 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2012.03.29 04:29:06 | 009,164,800 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.03.28 22:08:42 | 000,265,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.11.20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.09.10 14:58:26 | 000,021,648 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OlyCamComm.sys -- (OlyCamComm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{23323BD6-5313-15CC-F339-29070AFC5562}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.idnes.cz/http://www.ak [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {7603E22C-4D5D-4C45-A8B9-84E3700694EA}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.p ... 243925&ir=
IE - HKCU\..\SearchScopes\{23323BD6-5313-15CC-F339-29070AFC5562}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKCU\..\SearchScopes\{7603E22C-4D5D-4C45-A8B9-84E3700694EA}: "URL" = http://search.conduit.com/ResultsExt.as ... 18222&UM=2
IE - HKCU\..\SearchScopes\{B7B12FF6-3262-4612-A241-1461DA1846DD}: "URL" = http://www.search.ask.com/web?p2=%5EB7N ... 6spr%253Da
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: WebSiteRecommendation%40weliketheweb.com:1.0.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/AuthorwarePlayer: C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll (Macromedia, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\MM\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\MM\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFSodaPDF5Converter@sodapdf.com: C:\Program Files\Soda PDF 5\FFSoda5Ext [2013.06.02 13:59:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2013.05.28 21:55:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Extensions
[2013.10.28 18:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions
[2013.10.13 13:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions\staged
[2013.10.13 13:57:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions\trash
[2013.06.30 10:07:59 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions\WebSiteRecommendation@weliketheweb.com
[2013.06.29 23:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profilescdxqgtr4.default\extensions
[2013.06.29 23:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profilescdxqgtr4.default\extensions\staged
[2013.06.30 09:44:04 | 000,239,491 | ---- | M] () (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions\trtv3@trtv.com.xpi
[2013.05.29 18:56:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.05.29 18:56:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\MM\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Authorware Web Player (Enabled) = C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: CacheList = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa\3.0.4_0\
CHR - Extension: Dokumenty Google = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.10.30 16:39:39 | 000,000,741 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Soda PDF 5 IE Helper) - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files\Soda PDF 5\PDFIEHelper.dll (LULU Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Soda PDF 5 IE Toolbar) - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files\Soda PDF 5\PDFIEPlugin.dll (LULU Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {434D452D-5637-006A-76A7-7A786E7484D7} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [Standby] c:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - Startup: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mojebanka.cz ([etrading] https in Důvěryhodné weby)
O15 - HKCU\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné weby)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0 ... rol_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88F0FE0E-3F47-432C-A9AE-1A63BE7485A1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3CF2AB9-B78C-45F0-BABF-2D8E6E8BF54E}: DhcpNameServer = 192.168.1.20
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.06.05 16:34:33 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8f321bda-f4f3-11e2-bdc2-001d7d08db0f}\Shell - "" = AutoRun
O33 - MountPoints2\{8f321bda-f4f3-11e2-bdc2-001d7d08db0f}\Shell\AutoRun\command - "" = J:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.10.30 20:33:22 | 000,000,000 | R--D | C] -- C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2013.10.29 21:41:45 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Local\CrashDumps
[2013.10.29 21:40:37 | 000,000,000 | ---D | C] -- C:\Users\MM\Desktop\RK_Quarantine
[2013.10.27 18:08:23 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.10.27 13:54:49 | 000,000,000 | ---D | C] -- C:\Users\MM\geokuk
[2013.10.27 10:36:58 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.10.26 21:35:17 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\Malwarebytes
[2013.10.26 21:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.10.26 19:46:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MM\Desktop\OTL.exe
[2013.10.26 10:02:48 | 000,000,000 | ---D | C] -- C:\tmp
[2013.10.26 10:02:48 | 000,000,000 | ---D | C] -- C:\output
[2013.10.25 22:00:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.10.25 21:59:36 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.10.25 21:59:35 | 000,000,000 | ---D | C] -- C:\rsit
[2013.10.25 10:05:39 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013.10.25 10:05:39 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013.10.24 21:14:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013.10.19 09:33:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.10.19 09:33:32 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.10.19 09:33:26 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.10.19 09:33:26 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.10.19 09:33:26 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.10.19 09:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013.10.19 09:21:37 | 000,000,000 | ---D | C] -- C:\Users\MM\KBCertifikat
[2013.10.19 09:13:15 | 000,000,000 | ---D | C] -- C:\Users\MM\kbpki
[2013.10.19 09:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.10.19 08:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.10.18 08:51:15 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.10.13 21:19:54 | 000,000,000 | ---D | C] -- C:\Users\MM\Desktop\weby_prac
[2013.10.13 15:37:56 | 000,000,000 | ---D | C] -- C:\Users\MM\Desktop\prac složka trasy GPX
[2013.10.11 09:42:32 | 002,876,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.10.11 09:42:32 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.10.11 09:42:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.10.11 09:42:31 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.10.11 09:42:30 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.10.11 09:42:30 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.10.11 09:42:30 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.10.11 09:42:30 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.10.11 09:42:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.10.11 09:42:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.10.11 07:52:27 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2013.10.11 07:52:26 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2013.10.11 07:52:18 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.10.11 07:52:17 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.10.11 07:52:17 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2013.10.11 07:52:13 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013.10.11 07:52:11 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013.10.11 07:52:11 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013.10.11 07:52:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013.10.11 07:52:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2013.10.11 07:52:09 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2013.10.11 07:52:05 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.10.09 22:05:02 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
[2013.10.09 22:04:45 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\ICQM
[2013.10.09 22:04:25 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\ICQ-Profile
[2013.10.05 17:11:25 | 000,000,000 | ---D | C] -- C:\Users\MM\Documents\Incomedia
[2013.10.05 17:03:57 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Local\Incomedia
[2013.10.05 17:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 v10 - Home
[2013.10.05 17:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\WebSite X5 v10 - Home
[2013.10.05 16:37:33 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\Ashampoo Slideshow Studio 2013
[2013.10.05 16:31:00 | 011,706,640 | ---- | C] (CompSoft) -- C:\Users\MM\Desktop\LastFM.exe
[2013.06.02 10:54:33 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\MM\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.10.30 21:59:00 | 000,001,158 | ---- | M] () -- C:\Windows\tasks\Torntv 2-updater.job
[2013.10.30 21:59:00 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\Torntv 2-codedownloader.job
[2013.10.30 21:59:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\Torntv 2-enabler.job
[2013.10.30 21:53:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000UA.job
[2013.10.30 20:42:56 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.30 20:42:56 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.30 20:33:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.10.30 20:33:07 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.29 21:39:31 | 003,538,944 | ---- | M] () -- C:\Users\MM\Desktop\RogueKiller.exe
[2013.10.29 08:53:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000Core.job
[2013.10.28 09:20:33 | 000,666,194 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.10.28 09:20:33 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.10.28 09:20:33 | 000,139,890 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.10.28 09:20:33 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.10.27 18:07:42 | 001,060,070 | ---- | M] () -- C:\Users\MM\Desktop\adwcleaner.exe
[2013.10.27 13:34:53 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\GeoGet.lnk
[2013.10.27 10:36:58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.10.26 19:52:13 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.10.26 19:46:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MM\Desktop\OTL.exe
[2013.10.19 09:33:19 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.10.19 09:33:17 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.10.19 09:33:17 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.10.19 09:33:16 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.10.16 08:04:44 | 000,002,346 | ---- | M] () -- C:\Users\MM\Desktop\Google Chrome.lnk
[2013.10.11 16:16:49 | 003,812,192 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.10.09 22:13:58 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.10.09 22:05:02 | 000,001,790 | ---- | M] () -- C:\Users\MM\Desktop\ICQ8.lnk
[2013.10.05 17:03:41 | 000,001,061 | ---- | M] () -- C:\Users\Public\Desktop\WebSite X5 Home 10.lnk
[2013.10.05 16:37:22 | 000,001,305 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2013.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.10.29 21:40:05 | 003,538,944 | ---- | C] () -- C:\Users\MM\Desktop\RogueKiller.exe
[2013.10.27 18:08:11 | 001,060,070 | ---- | C] () -- C:\Users\MM\Desktop\adwcleaner.exe
[2013.10.26 19:52:13 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.10.09 22:05:02 | 000,001,790 | ---- | C] () -- C:\Users\MM\Desktop\ICQ8.lnk
[2013.10.05 17:03:41 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\WebSite X5 Home 10.lnk
[2013.10.05 16:37:22 | 000,001,305 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2013.lnk
[2013.08.03 16:10:01 | 000,000,088 | RHS- | C] () -- C:\ProgramData\48AE367A9D.sys
[2013.08.03 16:09:59 | 000,006,266 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2013.08.03 13:45:59 | 000,000,010 | ---- | C] () -- C:\Users\MM\AppData\Roaming\pdfdrawcodec.dll
[2013.06.02 11:05:36 | 000,039,095 | ---- | C] () -- C:\Windows\iccsigs.dat
[2013.06.02 11:05:35 | 000,112,688 | ---- | C] () -- C:\Windows\System32\shw32.dll
[2013.06.02 10:54:33 | 000,087,608 | ---- | C] () -- C:\Users\MM\AppData\Roaming\inst.exe
[2013.06.02 10:54:33 | 000,007,887 | ---- | C] () -- C:\Users\MM\AppData\Roaming\pcouffin.cat
[2013.06.02 10:54:33 | 000,001,144 | ---- | C] () -- C:\Users\MM\AppData\Roaming\pcouffin.inf
[2013.06.02 10:33:11 | 000,001,024 | ---- | C] () -- C:\Users\MM\.rnd
[2013.05.30 17:38:11 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2013.05.28 17:54:12 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.05.28 16:21:28 | 000,000,017 | ---- | C] () -- C:\Users\MM\AppData\Local\resmon.resmoncfg
[2013.05.28 16:13:22 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013.05.28 16:13:22 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013.05.28 16:13:21 | 000,155,648 | ---- | C] () -- C:\Windows\System32\utv_core.dll
[2013.05.28 16:13:21 | 000,069,632 | ---- | C] () -- C:\Windows\System32\utv_vcm.dll
[2013.05.28 16:13:20 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013.05.28 16:13:20 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2013.05.28 16:13:20 | 000,001,778 | ---- | C] () -- C:\Windows\unins000.dat
[2013.05.28 16:11:19 | 000,271,264 | ---- | C] () -- C:\Windows\System32\vbrun100.dll
[2013.05.28 16:11:19 | 000,210,944 | ---- | C] () -- C:\Windows\System32\msvcrt10.dll
[2013.05.28 16:10:47 | 000,600,880 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013.05.28 16:10:47 | 000,204,960 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013.05.28 16:10:47 | 000,157,152 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2013.05.28 16:10:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\amdverag.dll
[2013.05.28 16:08:47 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2013.05.28 16:08:25 | 000,413,797 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013.05.28 15:50:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.03.13 17:49:46 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013.02.07 13:22:00 | 000,050,330 | ---- | C] () -- C:\Program Files\AntiDust.exe
[2012.05.21 15:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\System32\mlc.dll

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.06.02 13:59:32 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\APP_NAME_NON_STRING
[2013.06.15 08:54:50 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ArcticLine
[2013.06.14 21:33:54 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Ashampoo
[2013.10.05 16:37:33 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Ashampoo Slideshow Studio 2013
[2013.06.14 21:58:26 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Autodesk
[2013.06.02 13:47:47 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\calibre
[2013.06.03 15:56:01 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Canon
[2013.10.30 20:34:47 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Dropbox
[2013.06.02 13:53:02 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Engelmann Media
[2013.09.14 15:42:43 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\GARMIN
[2013.07.28 09:23:52 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Genie9
[2013.10.27 14:08:20 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\GeoGet
[2013.06.24 16:55:00 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\GHISLER
[2013.10.09 22:04:11 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ICQ
[2013.10.10 11:50:44 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ICQ-Profile
[2013.10.09 22:04:54 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ICQM
[2013.09.24 20:59:50 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Moto assistant
[2013.08.03 13:59:48 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\MOVAVI
[2013.06.09 08:54:41 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Nokia
[2013.06.25 17:26:05 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\PC Suite
[2013.06.16 16:09:45 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\PDF Software
[2013.08.11 09:10:27 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\SAMSUNG Drivers Update Utility
[2013.05.30 17:38:03 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ScanSoft
[2013.05.28 21:55:48 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Thunderbird
[2013.05.28 20:49:19 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\TreeCardGames
[2013.08.03 21:04:18 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Ulead Systems
[2013.10.11 19:00:52 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Vso
[2013.06.15 10:45:02 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\XnView
[2013.08.03 13:47:24 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\YCanPDF

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013.05.28 21:12:28 | 000,030,208 | ---- | C] ()(C:\Users\MM\Documents\?? ???????? EMCOS s.doc) -- C:\Users\MM\Documents\ОБ ОБЩЕСТВЕ EMCOS s.doc
[2008.06.26 19:49:30 | 000,030,208 | ---- | M] ()(C:\Users\MM\Documents\?? ???????? EMCOS s.doc) -- C:\Users\MM\Documents\ОБ ОБЩЕСТВЕ EMCOS s.doc

========== Alternate Data Streams ==========

@Alternate Data Stream - 853 bytes -> C:\Users\MM\Documents\Fw_ E-mailové potvrzení objednávky.eml:OECustomProperty
@Alternate Data Stream - 748 bytes -> C:\Users\MM\Documents\Fw_ Joint a policajti.eml:OECustomProperty

< End of report >

OTL bylo pouzito bez skriptu. Nezkopiroval jste tam ten text, takze jeste jednou, presne podle tohoto http://forum.viry.cz/viewtopic.php?f=30 ... 6#p1264664

OTL následně spuštěno vč. textu skriptu, kontrola LOP a Purity.

OTL test neproběhl do konce, hláška Cannot create file C:\Users\MM\Desktop\cmd.bat

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Logfile of random's system information tool 1.09 (written by random/random)
Run by MM at 2013-11-01 18:51:59
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 359 GB (75%) free of 477 GB
Total RAM: 3326 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:52:03, on 1.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Genie9\Genie Timeline\GenieTimelineAgent.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe
C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Users\MM\AppData\Roaming\ICQM\icq.exe
C:\Program Files\Common Files\Corel\Standby\Standby.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\MM\Desktop\RSIT (4).exe
C:\Program Files\trend micro\MM.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files\Soda PDF 5\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files\Soda PDF 5\PDFIEPlugin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Standby] "c:\Program Files\Common Files\Corel\Standby\Standby.exe" -START
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Google Update] "C:\Users\MM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [icq] C:\Users\MM\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\MM\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\MM\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0 ... rol_32.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie9 - C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Soda PDF 5 Helper Service - LULU Software - C:\Program Files\Soda PDF 5\HelperService.exe
O23 - Service: Soda PDF 5 Service - LULU Software - C:\Program Files\Soda PDF 5\ConversionService.exe

--
End of file - 8951 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000UA.job
C:\Windows\tasks\Torntv 2-codedownloader.job
C:\Windows\tasks\Torntv 2-enabler.job
C:\Windows\tasks\Torntv 2-updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"FFSodaPDF5Converter@sodapdf.com"=C:\Program Files\Soda PDF 5\FFSoda5Ext


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/AuthorwarePlayer]
"Description"=Adobe Authorware Player
"Path"=C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions\
staged
trash
WebSiteRecommendation@weliketheweb.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-19 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C737F472-1193-4281-BF53-A00B67AB3E19}]
Soda PDF 5 IE Helper - C:\Program Files\Soda PDF 5\PDFIEHelper.dll [2013-01-25 91488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - Soda PDF 5 IE Toolbar - C:\Program Files\Soda PDF 5\PDFIEPlugin.dll [2013-01-25 691040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2013-02-05 11738184]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 995176]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-04-03 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Standby"=c:\Program Files\Common Files\Corel\Standby\Standby.exe [2010-05-17 105632]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-09-17 152392]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912]
"Google Update"=C:\Users\MM\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-04 116648]
"icq"=C:\Users\MM\AppData\Roaming\ICQM\icq.exe [2013-10-09 27598184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe

C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=L3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"msacm.aacacm"=AACACM.acm
"msacm.ac3acm"=AC3ACM.acm
"VIDC.CSCD"=CamCodec.dll
"VIDC.CFHD"=CFHD.dll
"msacm.lameacm"=LameACM.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.MLCY"=mlc.dll
"VIDC.ULRA"=C:\Windows\system32\utv_vcm.dll
"VIDC.ULRG"=C:\Windows\system32\utv_vcm.dll
"VIDC.ULY0"=C:\Windows\system32\utv_vcm.dll
"VIDC.ULY2"=C:\Windows\system32\utv_vcm.dll
"vidc.x264"=C:\PROGRA~1\x264vfw\x264vfw.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.VP80"=vp8vfw.dll
"VIDC.IV50"=ir50_32.dll
"VIDC.IV41"=ir41_32.dll
"msacm.iac2"=iac25_32.ax
"VIDC.GEOX"=GeoCodec.dll
"VIDC.GEOV"=GeoCodec.dll
"VIDC.GEOS"=GeoCodecD.dll
"VIDC.VMnc"=vmnc.dll
"vidc.dvsd"=pdvcodec.dll
"msacm.dvacm"=c:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-10-27 18:08:23 ----D---- C:\AdwCleaner
2013-10-27 10:36:58 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2013-10-26 21:35:17 ----D---- C:\Users\MM\AppData\Roaming\Malwarebytes
2013-10-26 21:35:03 ----D---- C:\ProgramData\Malwarebytes
2013-10-26 10:02:48 ----D---- C:\tmp
2013-10-26 10:02:48 ----D---- C:\output
2013-10-25 22:00:53 ----D---- C:\Program Files\trend micro
2013-10-25 21:59:35 ----D---- C:\rsit
2013-10-25 10:05:40 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-25 10:05:40 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-25 10:05:39 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-25 10:05:39 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-25 10:05:39 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-25 10:05:39 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-25 10:05:39 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-24 21:14:46 ----D---- C:\Program Files\Mozilla Thunderbird
2013-10-19 09:33:39 ----D---- C:\Program Files\Common Files\Java
2013-10-19 09:33:32 ----A---- C:\Windows\system32\javaws.exe
2013-10-19 09:33:26 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-10-19 09:33:26 ----A---- C:\Windows\system32\javaw.exe
2013-10-19 09:33:26 ----A---- C:\Windows\system32\java.exe
2013-10-19 09:11:11 ----D---- C:\ProgramData\Oracle
2013-10-19 08:55:44 ----D---- C:\ProgramData\Sun
2013-10-18 08:51:15 ----D---- C:\Windows\Sun
2013-10-11 09:42:32 ----A---- C:\Windows\system32\jscript9.dll
2013-10-11 09:42:32 ----A---- C:\Windows\system32\jscript.dll
2013-10-11 09:42:31 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-11 09:42:31 ----A---- C:\Windows\system32\iesetup.dll
2013-10-11 09:42:30 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-11 09:42:30 ----A---- C:\Windows\system32\ieui.dll
2013-10-11 09:42:30 ----A---- C:\Windows\system32\iernonce.dll
2013-10-11 09:42:30 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-11 09:42:29 ----A---- C:\Windows\system32\urlmon.dll
2013-10-11 09:42:29 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 09:42:29 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-11 09:42:29 ----A---- C:\Windows\system32\iertutil.dll
2013-10-11 09:42:27 ----A---- C:\Windows\system32\wininet.dll
2013-10-11 09:42:27 ----A---- C:\Windows\system32\ieframe.dll
2013-10-11 09:42:24 ----A---- C:\Windows\system32\mshtml.dll
2013-10-11 07:52:29 ----A---- C:\Windows\system32\comctl32.dll
2013-10-11 07:52:27 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-11 07:52:27 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-11 07:52:26 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-11 07:52:24 ----A---- C:\Windows\system32\mswsock.dll
2013-10-11 07:52:24 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-11 07:52:24 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-11 07:52:23 ----A---- C:\Windows\system32\drivers\usbser.sys
2013-10-11 07:52:21 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-11 07:52:18 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-10-11 07:52:17 ----A---- C:\Windows\system32\tdh.dll
2013-10-11 07:52:17 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-11 07:52:17 ----A---- C:\Windows\system32\ntdll.dll
2013-10-11 07:52:16 ----A---- C:\Windows\system32\advapi32.dll
2013-10-11 07:52:13 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 07:52:11 ----A---- C:\Windows\system32\lpk.dll
2013-10-11 07:52:11 ----A---- C:\Windows\system32\fontsub.dll
2013-10-11 07:52:11 ----A---- C:\Windows\system32\dciman32.dll
2013-10-11 07:52:11 ----A---- C:\Windows\system32\atmlib.dll
2013-10-11 07:52:11 ----A---- C:\Windows\system32\atmfd.dll
2013-10-11 07:52:09 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-11 07:52:05 ----A---- C:\Windows\system32\win32k.sys
2013-10-11 07:52:00 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-11 07:52:00 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-11 07:52:00 ----A---- C:\Windows\system32\davclnt.dll
2013-10-11 07:51:58 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-11 07:51:57 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-09 22:04:45 ----D---- C:\Users\MM\AppData\Roaming\ICQM
2013-10-09 22:04:25 ----D---- C:\Users\MM\AppData\Roaming\ICQ-Profile
2013-10-05 17:02:56 ----D---- C:\Program Files\WebSite X5 v10 - Home
2013-10-05 16:37:33 ----D---- C:\Users\MM\AppData\Roaming\Ashampoo Slideshow Studio 2013

======List of files/folders modified in the last 1 month======

2013-11-01 18:52:03 ----D---- C:\Windows\Prefetch
2013-11-01 18:51:39 ----D---- C:\Windows\Temp
2013-11-01 11:18:14 ----D---- C:\Windows\system32\config
2013-11-01 09:01:12 ----D---- C:\Users\MM\AppData\Roaming\Dropbox
2013-10-31 21:46:31 ----SHD---- C:\System Volume Information
2013-10-30 16:41:04 ----D---- C:\Windows\System32
2013-10-30 16:38:42 ----D---- C:\Windows\system32\Tasks
2013-10-30 16:38:26 ----D---- C:\Windows\system32\drivers
2013-10-30 09:11:45 ----D---- C:\Windows\system32\catroot2
2013-10-28 18:25:28 ----D---- C:\Windows\Tasks
2013-10-28 18:25:18 ----RD---- C:\Program Files
2013-10-28 18:25:18 ----HD---- C:\ProgramData
2013-10-28 09:20:33 ----D---- C:\Windows\inf
2013-10-28 09:20:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-27 14:08:20 ----D---- C:\Users\MM\AppData\Roaming\GeoGet
2013-10-27 13:34:53 ----D---- C:\Program Files\GeoGet
2013-10-27 13:29:27 ----D---- C:\Windows\system32\NDF
2013-10-26 07:54:34 ----D---- C:\Windows\winsxs
2013-10-26 07:51:47 ----D---- C:\Windows\system32\DriverStore
2013-10-25 21:46:34 ----D---- C:\Program Files\CCleaner
2013-10-25 10:05:02 ----D---- C:\Windows\system32\catroot
2013-10-25 08:48:25 ----D---- C:\Program Files\Mozilla Firefox
2013-10-25 08:36:26 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-10-19 09:33:40 ----SHD---- C:\Windows\Installer
2013-10-19 09:33:39 ----D---- C:\Program Files\Common Files
2013-10-18 08:51:15 ----D---- C:\Windows
2013-10-13 15:52:06 ----D---- C:\Garmin
2013-10-13 07:26:24 ----D---- C:\Windows\system32\wdi
2013-10-12 10:22:06 ----D---- C:\Users\MM\AppData\Roaming\Corel
2013-10-11 19:00:52 ----D---- C:\Users\MM\AppData\Roaming\Vso
2013-10-11 17:10:54 ----D---- C:\Windows\rescache
2013-10-11 16:41:30 ----D---- C:\Windows\Microsoft.NET
2013-10-11 16:41:04 ----RSD---- C:\Windows\assembly
2013-10-11 16:15:08 ----D---- C:\Windows\system32\en-US
2013-10-11 16:15:08 ----D---- C:\Windows\system32\cs-CZ
2013-10-11 16:15:07 ----D---- C:\Program Files\Internet Explorer
2013-10-11 09:48:52 ----D---- C:\Windows\system32\MRT
2013-10-11 09:43:06 ----A---- C:\Windows\system32\MRT.exe
2013-10-09 22:13:46 ----D---- C:\Program Files\Microsoft Security Client
2013-10-09 22:04:11 ----D---- C:\Users\MM\AppData\Roaming\ICQ
2013-10-05 16:58:12 ----D---- C:\Windows\SoftwareDistribution
2013-10-05 16:37:06 ----D---- C:\ProgramData\Ashampoo
2013-10-05 16:37:03 ----D---- C:\Program Files\Ashampoo
2013-10-03 20:54:46 ----D---- C:\Fotografie-iPad
2013-10-03 20:53:36 ----D---- C:\Program Files\KMPlayer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2012-09-17 106296]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-29 9164800]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-28 265216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2013-02-05 2602888]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2013-06-02 47360]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2012-12-27 614624]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-29 9164800]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-10-27 40776]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\Windows\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-28 163328]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 GenieTimelineService;Genie Timeline Service; C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe [2012-04-11 299648]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 22208]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Soda PDF 5 Helper Service;Soda PDF 5 Helper Service; C:\Program Files\Soda PDF 5\HelperService.exe [2013-01-25 1237856]
R2 Soda PDF 5 Service;Soda PDF 5 Service; C:\Program Files\Soda PDF 5\ConversionService.exe [2013-01-25 877920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 553288]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 295376]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2013-06-14 77944]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-06-02 1045256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-24 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-30 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

OTL logfile created on: 1.11.2013 18:53:11 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MM\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 48,80% Memory free
6,50 Gb Paging File | 4,50 Gb Available in Paging File | 69,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 350,51 Gb Free Space | 75,25% Space Free | Partition Type: NTFS
Drive D: | 931,28 Gb Total Space | 376,86 Gb Free Space | 40,47% Space Free | Partition Type: FAT32

Computer Name: MM-PC | User Name: MM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.10.26 19:46:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MM\Desktop\OTL.exe
PRC - [2013.10.09 22:04:49 | 027,598,184 | ---- | M] (ICQ) -- C:\Users\MM\AppData\Roaming\ICQM\icq.exe
PRC - [2013.08.12 09:12:38 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013.08.12 09:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.08.12 09:11:20 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.06.06 02:02:22 | 007,519,512 | ---- | M] (Pokki) -- C:\Users\MM\AppData\Local\Pokki\Engine\pokki.exe
PRC - [2013.05.29 22:20:09 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013.05.25 01:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.19 00:45:32 | 001,090,912 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2013.04.18 10:06:42 | 000,737,616 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2013.04.18 10:06:32 | 000,179,024 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2013.04.18 10:06:26 | 000,127,312 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2013.04.18 10:06:24 | 000,158,032 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2013.01.25 16:42:00 | 001,237,856 | ---- | M] (LULU Software) -- C:\Program Files\Soda PDF 5\HelperService.exe
PRC - [2013.01.25 16:42:00 | 000,877,920 | ---- | M] (LULU Software) -- C:\Program Files\Soda PDF 5\ConversionService.exe
PRC - [2012.04.11 13:18:48 | 001,403,008 | ---- | M] (Genie9) -- C:\Program Files\Genie9\Genie Timeline\GenieTimeLineAgent.exe
PRC - [2012.04.11 13:18:48 | 000,299,648 | ---- | M] (Genie9) -- C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe
PRC - [2012.03.28 23:19:32 | 000,405,504 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.03.28 23:18:56 | 000,163,328 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.05.17 16:03:14 | 000,105,632 | ---- | M] (Corel) -- C:\Program Files\Common Files\Corel\Standby\Standby.exe
PRC - [2008.06.24 15:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008.03.20 19:23:22 | 000,083,240 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2007.12.06 20:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.04.03 17:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007.02.04 11:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe


========== Modules (No Company Name) ==========

MOD - [2013.10.09 22:04:53 | 000,851,456 | ---- | M] () -- C:\Users\MM\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
MOD - [2013.10.09 01:02:43 | 000,415,184 | ---- | M] () -- C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013.10.09 01:02:41 | 004,055,504 | ---- | M] () -- C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013.10.09 01:01:50 | 000,698,832 | ---- | M] () -- C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013.10.09 01:01:49 | 000,099,792 | ---- | M] () -- C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013.10.09 01:01:47 | 001,604,560 | ---- | M] () -- C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013.06.06 02:02:24 | 001,517,848 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\ocdeskband_0.dll
MOD - [2013.04.19 00:46:32 | 000,276,832 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
MOD - [2013.04.19 00:46:32 | 000,093,024 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\qjson.dll
MOD - [2013.04.19 00:46:16 | 002,653,024 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2013.04.19 00:46:16 | 000,364,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
MOD - [2013.04.19 00:46:14 | 011,166,560 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2013.04.19 00:46:12 | 001,346,912 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
MOD - [2013.04.19 00:46:12 | 000,206,176 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
MOD - [2013.04.19 00:46:10 | 001,014,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2013.04.19 00:46:10 | 000,720,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2013.04.19 00:46:08 | 008,507,232 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
MOD - [2013.04.19 00:46:08 | 000,520,544 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2013.04.19 00:46:06 | 002,480,992 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2013.04.19 00:46:06 | 002,354,016 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
MOD - [2013.04.19 00:46:02 | 000,446,304 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2013.04.19 00:45:58 | 000,207,200 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2013.04.19 00:45:58 | 000,035,680 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2013.04.19 00:45:56 | 000,033,120 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2013.04.19 00:45:28 | 000,438,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
MOD - [2013.04.19 00:44:48 | 000,606,560 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2013.04.15 12:26:16 | 000,391,600 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
MOD - [2013.04.15 12:26:16 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
MOD - [2013.03.13 21:48:52 | 024,978,944 | ---- | M] () -- C:\Users\MM\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.03.13 17:49:42 | 003,501,056 | ---- | M] () -- C:\Program Files\SAM CoDeC Pack\Filters\FFDShow\ffdshow.ax
MOD - [2013.03.04 09:01:14 | 000,181,760 | ---- | M] () -- C:\Program Files\SAM CoDeC Pack\Filters\libbluray.dll
MOD - [2013.03.04 09:01:08 | 007,784,338 | ---- | M] () -- C:\Program Files\SAM CoDeC Pack\Filters\avcodec-lav-54.dll
MOD - [2013.03.04 09:01:08 | 001,273,929 | ---- | M] () -- C:\Program Files\SAM CoDeC Pack\Filters\avformat-lav-54.dll
MOD - [2013.03.04 09:01:08 | 000,246,330 | ---- | M] () -- C:\Program Files\SAM CoDeC Pack\Filters\avutil-lav-52.dll
MOD - [2013.03.04 09:01:08 | 000,166,406 | ---- | M] () -- C:\Program Files\SAM CoDeC Pack\Filters\avresample-lav-1.dll
MOD - [2013.01.26 03:53:28 | 000,716,288 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\libGLESv2.dll
MOD - [2013.01.26 03:53:28 | 000,569,856 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
MOD - [2013.01.26 03:53:28 | 000,130,048 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\libEGL.dll
MOD - [2013.01.25 23:07:56 | 001,400,846 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\avcodec-54.dll
MOD - [2013.01.25 23:07:54 | 000,222,734 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\avformat-54.dll
MOD - [2013.01.25 23:07:54 | 000,151,054 | ---- | M] () -- C:\Users\MM\AppData\Local\Pokki\Engine\avutil-51.dll
MOD - [2012.11.14 00:32:50 | 003,558,400 | ---- | M] () -- C:\Users\MM\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012.08.27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.06.17 19:12:10 | 001,406,976 | ---- | M] () -- C:\Program Files\SAM CoDeC Pack\Filters\AC3Filter\ac3filter.ax
MOD - [2012.05.12 20:42:16 | 001,272,320 | ---- | M] () -- C:\Program Files\SAM CoDeC Pack\Filters\AC3Filter\avcodec-53.dll
MOD - [2012.05.12 20:42:16 | 000,146,432 | ---- | M] () -- C:\Program Files\SAM CoDeC Pack\Filters\AC3Filter\avutil-51.dll
MOD - [2012.04.11 10:38:06 | 000,601,600 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSBackupManager.gtl
MOD - [2012.04.11 10:38:06 | 000,396,288 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSIndexDB.gtl
MOD - [2012.04.11 10:38:06 | 000,396,288 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSIndexDB.dll
MOD - [2012.04.11 10:38:06 | 000,282,624 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\OnlineHandler.gtl
MOD - [2012.04.11 10:38:06 | 000,282,624 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\OnlineHandler.dll
MOD - [2012.04.11 10:38:06 | 000,280,064 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSWatcher4.gtl
MOD - [2012.04.11 10:38:06 | 000,168,960 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\Settings.gtl
MOD - [2012.04.11 10:38:06 | 000,168,960 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\Settings.dll
MOD - [2012.04.11 10:38:06 | 000,158,208 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSTimelineIconOverlay.gtl
MOD - [2012.04.11 10:38:06 | 000,071,168 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\QueueManager.gtl
MOD - [2012.04.11 10:38:06 | 000,071,168 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\QueueManager.dll
MOD - [2012.04.11 10:38:06 | 000,059,392 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\XBalloonMsgDll.dll
MOD - [2012.04.11 10:38:06 | 000,045,056 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSLogManager.gtl
MOD - [2012.03.22 10:32:32 | 000,080,384 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSEncryption.gtl
MOD - [2012.03.22 10:32:32 | 000,080,384 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSEncryption.dll
MOD - [2012.03.22 10:32:32 | 000,072,704 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSCurl.dll
MOD - [2012.03.22 10:32:32 | 000,043,008 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSLibrariesManager.gtl
MOD - [2012.03.22 10:32:32 | 000,043,008 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSLibrariesManager.dll
MOD - [2012.03.22 10:32:32 | 000,038,400 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSLogging.gtl
MOD - [2012.03.22 10:32:32 | 000,038,400 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\GSLogging.dll
MOD - [2012.03.22 10:32:32 | 000,010,752 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\RWLock.gtl
MOD - [2012.03.22 10:32:32 | 000,010,752 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\RWLock.dll
MOD - [2012.02.02 10:16:20 | 000,923,136 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\sqlite3.gtl
MOD - [2012.02.02 10:16:20 | 000,923,136 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\sqlite3.dll
MOD - [2012.02.02 10:16:20 | 000,009,728 | ---- | M] () -- C:\Program Files\Genie9\Genie Timeline\VSSEngine_Proxy.gtl


========== Services (SafeList) ==========

SRV - [2013.10.24 21:15:02 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.08.12 09:12:38 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.08.12 09:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.06.14 21:50:24 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2013.06.03 15:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.06.02 14:59:50 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013.05.30 16:52:21 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.18 10:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013.01.25 16:42:00 | 001,237,856 | ---- | M] (LULU Software) [Auto | Running] -- C:\Program Files\Soda PDF 5\HelperService.exe -- (Soda PDF 5 Helper Service)
SRV - [2013.01.25 16:42:00 | 000,877,920 | ---- | M] (LULU Software) [Auto | Running] -- C:\Program Files\Soda PDF 5\ConversionService.exe -- (Soda PDF 5 Service)
SRV - [2012.04.11 13:18:48 | 000,299,648 | ---- | M] (Genie9) [Auto | Running] -- C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe -- (GenieTimelineService)
SRV - [2012.03.28 23:18:56 | 000,163,328 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2007.12.06 20:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - [2013.10.27 10:36:58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013.06.18 20:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013.01.23 09:31:52 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2013.01.23 09:31:52 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2013.01.23 09:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2013.01.23 09:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2013.01.23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2013.01.23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012.10.17 13:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.09.17 12:05:08 | 000,106,296 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2012.08.23 15:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2012.08.23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 15:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012.08.23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.03.29 04:29:06 | 009,164,800 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2012.03.29 04:29:06 | 009,164,800 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.03.28 22:08:42 | 000,265,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.11.20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.09.10 14:58:26 | 000,021,648 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OlyCamComm.sys -- (OlyCamComm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{23323BD6-5313-15CC-F339-29070AFC5562}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1107837428-173974533-547177936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.idnes.cz/http://www.ak [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1107837428-173974533-547177936-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1107837428-173974533-547177936-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-21-1107837428-173974533-547177936-1000\..\SearchScopes,DefaultScope = {7603E22C-4D5D-4C45-A8B9-84E3700694EA}
IE - HKU\S-1-5-21-1107837428-173974533-547177936-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.p ... 243925&ir=
IE - HKU\S-1-5-21-1107837428-173974533-547177936-1000\..\SearchScopes\{23323BD6-5313-15CC-F339-29070AFC5562}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-1107837428-173974533-547177936-1000\..\SearchScopes\{7603E22C-4D5D-4C45-A8B9-84E3700694EA}: "URL" = http://search.conduit.com/ResultsExt.as ... 18222&UM=2
IE - HKU\S-1-5-21-1107837428-173974533-547177936-1000\..\SearchScopes\{B7B12FF6-3262-4612-A241-1461DA1846DD}: "URL" = http://www.search.ask.com/web?p2=%5EB7N ... 6spr%253Da
IE - HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: WebSiteRecommendation%40weliketheweb.com:1.0.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/AuthorwarePlayer: C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll (Macromedia, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\MM\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\MM\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFSodaPDF5Converter@sodapdf.com: C:\Program Files\Soda PDF 5\FFSoda5Ext [2013.06.02 13:59:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2013.05.28 21:55:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Extensions
[2013.10.28 18:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions
[2013.10.13 13:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions\staged
[2013.10.13 13:57:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions\trash
[2013.06.30 10:07:59 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions\WebSiteRecommendation@weliketheweb.com
[2013.06.29 23:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profilescdxqgtr4.default\extensions
[2013.06.29 23:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profilescdxqgtr4.default\extensions\staged
[2013.06.30 09:44:04 | 000,239,491 | ---- | M] () (No name found) -- C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions\trtv3@trtv.com.xpi
[2013.05.29 18:56:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.05.29 18:56:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\MM\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\MM\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Authorware Web Player (Enabled) = C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: CacheList = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa\3.0.4_0\
CHR - Extension: Dokumenty Google = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.10.30 16:39:39 | 000,000,741 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Soda PDF 5 IE Helper) - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files\Soda PDF 5\PDFIEHelper.dll (LULU Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Soda PDF 5 IE Toolbar) - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files\Soda PDF 5\PDFIEPlugin.dll (LULU Software)
O3 - HKU\S-1-5-21-1107837428-173974533-547177936-1000\..\Toolbar\WebBrowser: (no name) - {434D452D-5637-006A-76A7-7A786E7484D7} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [Standby] c:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKU\S-1-5-21-1107837428-173974533-547177936-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-1107837428-173974533-547177936-1000..\Run: [icq] C:\Users\MM\AppData\Roaming\ICQM\icq.exe (ICQ)
O4 - HKU\S-1-5-21-1107837428-173974533-547177936-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1107837428-173974533-547177936-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-1107837428-173974533-547177936-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1107837428-173974533-547177936-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Důvěryhodné weby)
O15 - HKU\S-1-5-21-1107837428-173974533-547177936-1000\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné weby)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0 ... rol_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88F0FE0E-3F47-432C-A9AE-1A63BE7485A1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3CF2AB9-B78C-45F0-BABF-2D8E6E8BF54E}: DhcpNameServer = 192.168.1.20
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.06.05 16:34:33 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8f321bda-f4f3-11e2-bdc2-001d7d08db0f}\Shell - "" = AutoRun
O33 - MountPoints2\{8f321bda-f4f3-11e2-bdc2-001d7d08db0f}\Shell\AutoRun\command - "" = J:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.aacacm - C:\Windows\System32\AACACM.acm (fccHandler)
Drivers32: msacm.ac3acm - C:\Windows\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()
Drivers32: msacm.dvacm - c:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.)
Drivers32: msacm.iac2 - C:\Windows\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\LameACM.acm (http://www.mp3dev.org/)
Drivers32: VIDC.CFHD - C:\Windows\System32\CFHD.dll (CineForm Inc.)
Drivers32: VIDC.CSCD - C:\Windows\System32\CamCodec.dll (CamStudio Group)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\Windows\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: vidc.ffds - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.GEOS - C:\Windows\System32\GeoCodecD.dll (GeoVision)
Drivers32: VIDC.GEOV - C:\Windows\System32\GeoCodec.dll (GeoVision)
Drivers32: VIDC.GEOX - C:\Windows\System32\GeoCodec.dll (GeoVision)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.dll (Intel Corporation)
Drivers32: VIDC.IV50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: VIDC.MLCY - C:\Windows\System32\mlc.dll ()
Drivers32: VIDC.ULRA - C:\Windows\System32\utv_vcm.dll ()
Drivers32: VIDC.ULRG - C:\Windows\System32\utv_vcm.dll ()
Drivers32: VIDC.ULY0 - C:\Windows\System32\utv_vcm.dll ()
Drivers32: VIDC.ULY2 - C:\Windows\System32\utv_vcm.dll ()
Drivers32: VIDC.VMnc - C:\Windows\System32\vmnc.dll (VMware, Inc.)
Drivers32: VIDC.VP80 - C:\Windows\System32\vp8vfw.dll (Optima SC Inc.)
Drivers32: vidc.x264 - C:\Program Files\x264vfw\x264vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.11.01 08:59:32 | 000,000,000 | R--D | C] -- C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2013.10.29 21:41:45 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Local\CrashDumps
[2013.10.27 18:08:23 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.10.27 13:54:49 | 000,000,000 | ---D | C] -- C:\Users\MM\geokuk
[2013.10.27 10:36:58 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.10.26 21:35:17 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\Malwarebytes
[2013.10.26 21:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.10.26 19:46:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MM\Desktop\OTL.exe
[2013.10.26 10:02:48 | 000,000,000 | ---D | C] -- C:\tmp
[2013.10.26 10:02:48 | 000,000,000 | ---D | C] -- C:\output
[2013.10.25 22:00:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.10.25 21:59:36 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.10.25 21:59:35 | 000,000,000 | ---D | C] -- C:\rsit
[2013.10.25 10:05:39 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013.10.25 10:05:39 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013.10.24 21:14:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013.10.19 09:33:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.10.19 09:33:32 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.10.19 09:33:26 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.10.19 09:33:26 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.10.19 09:33:26 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.10.19 09:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013.10.19 09:21:37 | 000,000,000 | ---D | C] -- C:\Users\MM\KBCertifikat
[2013.10.19 09:13:15 | 000,000,000 | ---D | C] -- C:\Users\MM\kbpki
[2013.10.19 09:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.10.19 08:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.10.18 08:51:15 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.10.13 21:19:54 | 000,000,000 | ---D | C] -- C:\Users\MM\Desktop\weby_prac
[2013.10.13 15:37:56 | 000,000,000 | ---D | C] -- C:\Users\MM\Desktop\prac složka trasy GPX
[2013.10.11 09:42:32 | 002,876,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.10.11 09:42:32 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.10.11 09:42:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.10.11 09:42:31 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.10.11 09:42:30 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.10.11 09:42:30 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.10.11 09:42:30 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.10.11 09:42:30 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.10.11 09:42:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.10.11 09:42:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.10.11 07:52:27 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2013.10.11 07:52:26 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2013.10.11 07:52:18 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.10.11 07:52:17 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.10.11 07:52:17 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2013.10.11 07:52:13 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013.10.11 07:52:11 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013.10.11 07:52:11 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013.10.11 07:52:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013.10.11 07:52:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2013.10.11 07:52:09 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2013.10.11 07:52:05 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.10.09 22:05:02 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
[2013.10.09 22:04:45 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\ICQM
[2013.10.09 22:04:25 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\ICQ-Profile
[2013.10.05 17:11:25 | 000,000,000 | ---D | C] -- C:\Users\MM\Documents\Incomedia
[2013.10.05 17:03:57 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Local\Incomedia
[2013.10.05 17:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 v10 - Home
[2013.10.05 17:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\WebSite X5 v10 - Home
[2013.10.05 16:37:33 | 000,000,000 | ---D | C] -- C:\Users\MM\AppData\Roaming\Ashampoo Slideshow Studio 2013
[2013.10.05 16:31:00 | 011,706,640 | ---- | C] (CompSoft) -- C:\Users\MM\Desktop\LastFM.exe
[2013.06.02 10:54:33 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\MM\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.11.01 18:55:32 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.11.01 18:53:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000UA.job
[2013.11.01 15:59:00 | 000,001,158 | ---- | M] () -- C:\Windows\tasks\Torntv 2-updater.job
[2013.11.01 15:59:00 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\Torntv 2-codedownloader.job
[2013.11.01 15:59:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\Torntv 2-enabler.job
[2013.11.01 09:09:14 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.01 09:09:14 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.01 08:59:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.01 08:59:12 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.31 08:53:06 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000Core.job
[2013.10.29 21:39:31 | 003,538,944 | ---- | M] () -- C:\Users\MM\Desktop\RogueKiller.exe
[2013.10.28 09:20:33 | 000,666,194 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.10.28 09:20:33 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.10.28 09:20:33 | 000,139,890 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.10.28 09:20:33 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.10.27 18:07:42 | 001,060,070 | ---- | M] () -- C:\Users\MM\Desktop\adwcleaner.exe
[2013.10.27 13:34:53 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\GeoGet.lnk
[2013.10.27 10:36:58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.10.26 19:46:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MM\Desktop\OTL.exe
[2013.10.25 23:05:14 | 000,781,383 | ---- | M] () -- C:\Users\MM\Desktop\RSIT (4).exe
[2013.10.19 09:33:19 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.10.19 09:33:17 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.10.19 09:33:17 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.10.19 09:33:16 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.10.16 08:04:44 | 000,002,346 | ---- | M] () -- C:\Users\MM\Desktop\Google Chrome.lnk
[2013.10.11 16:16:49 | 003,812,192 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.10.09 22:13:58 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.10.09 22:05:02 | 000,001,790 | ---- | M] () -- C:\Users\MM\Desktop\ICQ8.lnk
[2013.10.05 17:03:41 | 000,001,061 | ---- | M] () -- C:\Users\Public\Desktop\WebSite X5 Home 10.lnk
[2013.10.05 16:37:22 | 000,001,305 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2013.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.11.01 18:51:48 | 000,781,383 | ---- | C] () -- C:\Users\MM\Desktop\RSIT (4).exe
[2013.10.29 21:40:05 | 003,538,944 | ---- | C] () -- C:\Users\MM\Desktop\RogueKiller.exe
[2013.10.27 18:08:11 | 001,060,070 | ---- | C] () -- C:\Users\MM\Desktop\adwcleaner.exe
[2013.10.26 19:52:13 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.10.09 22:05:02 | 000,001,790 | ---- | C] () -- C:\Users\MM\Desktop\ICQ8.lnk
[2013.10.05 17:03:41 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\WebSite X5 Home 10.lnk
[2013.10.05 16:37:22 | 000,001,305 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2013.lnk
[2013.08.03 16:10:01 | 000,000,088 | RHS- | C] () -- C:\ProgramData\48AE367A9D.sys
[2013.08.03 16:09:59 | 000,006,266 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2013.08.03 13:45:59 | 000,000,010 | ---- | C] () -- C:\Users\MM\AppData\Roaming\pdfdrawcodec.dll
[2013.06.02 11:05:36 | 000,039,095 | ---- | C] () -- C:\Windows\iccsigs.dat
[2013.06.02 11:05:35 | 000,112,688 | ---- | C] () -- C:\Windows\System32\shw32.dll
[2013.06.02 10:54:33 | 000,087,608 | ---- | C] () -- C:\Users\MM\AppData\Roaming\inst.exe
[2013.06.02 10:54:33 | 000,007,887 | ---- | C] () -- C:\Users\MM\AppData\Roaming\pcouffin.cat
[2013.06.02 10:54:33 | 000,001,144 | ---- | C] () -- C:\Users\MM\AppData\Roaming\pcouffin.inf
[2013.06.02 10:33:11 | 000,001,024 | ---- | C] () -- C:\Users\MM\.rnd
[2013.05.30 17:38:11 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2013.05.28 17:54:12 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.05.28 16:21:28 | 000,000,017 | ---- | C] () -- C:\Users\MM\AppData\Local\resmon.resmoncfg
[2013.05.28 16:13:22 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013.05.28 16:13:22 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013.05.28 16:13:21 | 000,155,648 | ---- | C] () -- C:\Windows\System32\utv_core.dll
[2013.05.28 16:13:21 | 000,069,632 | ---- | C] () -- C:\Windows\System32\utv_vcm.dll
[2013.05.28 16:13:20 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013.05.28 16:13:20 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2013.05.28 16:13:20 | 000,001,778 | ---- | C] () -- C:\Windows\unins000.dat
[2013.05.28 16:11:19 | 000,271,264 | ---- | C] () -- C:\Windows\System32\vbrun100.dll
[2013.05.28 16:11:19 | 000,210,944 | ---- | C] () -- C:\Windows\System32\msvcrt10.dll
[2013.05.28 16:10:47 | 000,600,880 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013.05.28 16:10:47 | 000,204,960 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013.05.28 16:10:47 | 000,157,152 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2013.05.28 16:10:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\amdverag.dll
[2013.05.28 16:08:47 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2013.05.28 16:08:25 | 000,413,797 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013.05.28 15:50:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.03.13 17:49:46 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013.02.07 13:22:00 | 000,050,330 | ---- | C] () -- C:\Program Files\AntiDust.exe
[2012.05.21 15:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\System32\mlc.dll

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.07.28 21:50:26 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Genie9
[2013.07.28 21:50:26 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Genie9
[2013.06.02 13:59:32 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\APP_NAME_NON_STRING
[2013.06.15 08:54:50 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ArcticLine
[2013.06.14 21:33:54 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Ashampoo
[2013.10.05 16:37:33 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Ashampoo Slideshow Studio 2013
[2013.06.14 21:58:26 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Autodesk
[2013.06.02 13:47:47 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\calibre
[2013.06.03 15:56:01 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Canon
[2013.11.01 09:01:12 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Dropbox
[2013.06.02 13:53:02 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Engelmann Media
[2013.09.14 15:42:43 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\GARMIN
[2013.07.28 09:23:52 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Genie9
[2013.10.27 14:08:20 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\GeoGet
[2013.06.24 16:55:00 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\GHISLER
[2013.10.09 22:04:11 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ICQ
[2013.10.10 11:50:44 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ICQ-Profile
[2013.10.09 22:04:54 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ICQM
[2013.09.24 20:59:50 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Moto assistant
[2013.08.03 13:59:48 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\MOVAVI
[2013.06.09 08:54:41 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Nokia
[2013.06.25 17:26:05 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\PC Suite
[2013.06.16 16:09:45 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\PDF Software
[2013.08.11 09:10:27 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\SAMSUNG Drivers Update Utility
[2013.05.30 17:38:03 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ScanSoft
[2013.05.28 21:55:48 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Thunderbird
[2013.05.28 20:49:19 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\TreeCardGames
[2013.08.03 21:04:18 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Ulead Systems
[2013.10.11 19:00:52 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Vso
[2013.06.15 10:45:02 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\XnView
[2013.08.03 13:47:24 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\YCanPDF

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,576 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013.07.04 21:17:24 | 000,000,898 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000Core.job
[2013.07.04 21:17:25 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000UA.job
[2013.09.02 20:59:37 | 000,001,152 | ---- | C] () -- C:\Windows\Tasks\Torntv 2-codedownloader.job
[2013.09.02 20:59:43 | 000,001,062 | ---- | C] () -- C:\Windows\Tasks\Torntv 2-enabler.job
[2013.09.02 20:59:49 | 000,001,158 | ---- | C] () -- C:\Windows\Tasks\Torntv 2-updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2013.05.08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2013.09.07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.06.15 22:17:04 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ABBYY
[2013.06.16 22:26:12 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Adobe
[2013.09.23 23:10:51 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Apple Computer
[2013.06.02 13:59:32 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\APP_NAME_NON_STRING
[2013.06.15 08:54:50 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ArcticLine
[2013.06.14 21:33:54 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Ashampoo
[2013.10.05 16:37:33 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Ashampoo Slideshow Studio 2013
[2013.06.14 21:58:26 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Autodesk
[2013.06.02 13:47:47 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\calibre
[2013.06.03 15:56:01 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Canon
[2013.10.12 10:22:06 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Corel
[2013.05.30 17:54:24 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\CyberLink
[2013.11.01 09:01:12 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Dropbox
[2013.06.02 13:53:02 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Engelmann Media
[2013.09.08 14:04:08 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\FastStone
[2013.09.14 15:42:43 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\GARMIN
[2013.07.28 09:23:52 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Genie9
[2013.10.27 14:08:20 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\GeoGet
[2013.06.24 16:55:00 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\GHISLER
[2013.10.09 22:04:11 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ICQ
[2013.10.10 11:50:44 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ICQ-Profile
[2013.10.09 22:04:54 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ICQM
[2013.05.28 15:57:33 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Identities
[2013.08.11 09:44:39 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Intelli-studio
[2013.05.28 16:12:14 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Macromedia
[2013.10.26 21:35:17 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Malwarebytes
[2010.11.21 02:24:45 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Media Center Programs
[2013.07.29 17:37:01 | 000,000,000 | --SD | M] -- C:\Users\MM\AppData\Roaming\Microsoft
[2013.09.24 20:59:50 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Moto assistant
[2013.08.03 13:59:48 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\MOVAVI
[2013.05.29 18:57:19 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Mozilla
[2013.06.14 21:22:35 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Nero
[2013.06.09 08:54:41 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Nokia
[2013.06.25 17:26:05 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\PC Suite
[2013.06.16 16:09:45 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\PDF Software
[2013.08.11 09:10:27 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\SAMSUNG Drivers Update Utility
[2013.05.30 17:38:03 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\ScanSoft
[2013.07.14 07:27:58 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Skype
[2013.05.28 21:55:48 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Thunderbird
[2013.05.28 20:49:19 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\TreeCardGames
[2013.08.03 21:04:18 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Ulead Systems
[2013.10.11 19:00:52 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Vso
[2013.05.28 23:02:04 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\Winamp
[2013.05.28 19:30:02 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\WinRAR
[2013.06.15 10:45:02 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\XnView
[2013.08.03 13:47:24 | 000,000,000 | ---D | M] -- C:\Users\MM\AppData\Roaming\YCanPDF

< %APPDATA%\*.exe /s >
[2013.06.02 10:54:33 | 000,087,608 | ---- | M] () -- C:\Users\MM\AppData\Roaming\inst.exe
[2013.05.25 01:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013.05.25 01:48:34 | 000,229,288 | ---- | M] (Dropbox, Inc.) -- C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2012.06.14 03:09:00 | 000,874,440 | ---- | M] (Dropbox, Inc.) -- C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013.10.27 13:34:14 | 006,370,251 | ---- | M] ( ) -- C:\Users\MM\AppData\Roaming\GeoGet\ggupdate\geogetsetup-2.7.9.717.exe
[2013.03.03 15:53:48 | 000,724,480 | ---- | M] () -- C:\Users\MM\AppData\Roaming\GeoGet\script\geojarry\geojarryw.exe
[2013.02.02 17:41:10 | 008,060,690 | ---- | M] () -- C:\Users\MM\AppData\Roaming\GeoGet\script\GgStat\GgStat.exe
[2013.10.09 22:04:49 | 027,598,184 | ---- | M] (ICQ) -- C:\Users\MM\AppData\Roaming\ICQM\icq.exe
[2013.10.09 22:04:54 | 033,654,608 | ---- | M] (ICQ) -- C:\Users\MM\AppData\Roaming\ICQM\icqsetup.exe
[2013.10.09 22:04:54 | 004,739,616 | ---- | M] () -- C:\Users\MM\AppData\Roaming\ICQM\ICQ\dll\mailrusputnik.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.10.31 08:53:06 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000Core.job
[2013.11.01 18:53:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000UA.job
[2013.11.01 15:59:00 | 000,001,152 | ---- | M] () -- C:\Windows\Tasks\Torntv 2-codedownloader.job
[2013.11.01 15:59:00 | 000,001,062 | ---- | M] () -- C:\Windows\Tasks\Torntv 2-enabler.job
[2013.11.01 15:59:00 | 000,001,158 | ---- | M] () -- C:\Windows\Tasks\Torntv 2-updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.11.01 09:09:14 | 000,026,576 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.01 09:09:14 | 000,026,576 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[1999.03.28 12:04:50 | 000,092,827 | ---- | M] () -- \Program Files\Corel\Graphics9\Custom\Bumpmap\Cracks.cpt
[1997.02.27 10:28:24 | 000,016,068 | ---- | M] () -- \Program Files\Corel\Graphics9\Custom\Canvas\cracks2c.pcx
[1999.03.28 11:29:12 | 000,010,560 | ---- | M] () -- \Program Files\Corel\Graphics9\Custom\Tiles\CRACKS2M.CPT
[2010.02.21 02:22:00 | 000,000,386 | ---- | M] () -- \Program Files\GeoGet\distdata\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif
[2010.02.21 02:22:00 | 000,000,386 | ---- | M] () -- \Users\MM\AppData\Roaming\GeoGet\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif
[2010.02.21 01:22:00 | 000,000,386 | ---- | M] () -- \Users\MM\AppData\Roaming\GeoGet\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif.old
[2013.05.31 04:55:58 | 000,000,236 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Aircrack-ng.url
[2013.05.31 04:56:01 | 000,000,209 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\AllCracks.net.url
[2013.05.31 04:56:01 | 000,000,308 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Best Crack , Serial and Warez sites.url
[2013.05.31 04:56:01 | 000,000,208 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\boilsoft serial and crack - The latest cracks and serials updated daily to unlock your software.url
[2013.05.31 04:56:01 | 000,000,213 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\CCrack.url
[2013.05.31 04:56:01 | 000,000,219 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Crack Top List.url
[2013.05.31 04:56:01 | 000,000,200 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\crack-cd.url
[2013.05.31 04:56:01 | 000,000,387 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\crack-REFERAT.COM.url
[2013.05.31 04:56:01 | 000,000,325 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\CRACK.MS - All CRACKs and SERIALs on ONE Site.url
[2013.05.31 04:56:01 | 000,000,231 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\CRACKS FOR YOU.url
[2013.05.31 04:56:01 | 000,000,209 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Cracks-serials-rox Downloads & torrents.url
[2013.05.31 04:56:01 | 000,000,255 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Cracks.AllSeek.iNFO.url
[2013.05.31 04:56:01 | 000,001,584 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Cracks.url
[2013.05.31 04:56:01 | 000,000,252 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\CrackServer Search Results for 2.6.240.url
[2013.05.31 04:56:01 | 000,000,249 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\CrackzPlanet.com - Serials - G2.url
[2013.05.31 04:56:01 | 000,000,122 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\DoCrack.com - Top Crack - Serials - KeyGen.url
[2013.05.31 04:56:01 | 000,000,262 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Download Crack Serial - download cracks serials NO PORN POPUPs! NO STUPID TROJANs and EXPLOITs!.url
[2013.05.31 04:56:01 | 000,000,241 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\find abbyy pdf serial serials cracks hacking warez at www.thedarktoolbox.com.url
[2013.05.31 04:56:01 | 000,000,185 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Free serial crack keygen downloads - CrackSerial.Net.url
[2013.05.31 04:56:01 | 000,000,371 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\FREE UNLIMITED CRACKS, SERIAL NUMBERS, KEYGENS, PATCHES, GAMES, SOFTWARE CRACK, CRACKZ.url
[2013.05.31 04:56:01 | 000,000,234 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\http--crackspider.net-search.shtmlq=acdsee+9+photo&x=33&y=22.url
[2013.05.31 04:56:01 | 000,000,210 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\http--crackspider.net-search.shtmlq=homesite%205.url
[2013.05.31 04:56:01 | 000,000,261 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\InfiniteWarez.com - Full Version Downloads! Warez, Torrents, Cracks, Serials, KeyGens, XXX.url
[2013.05.31 04:56:01 | 000,000,304 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Ulead Videostudio 11.5 Plus Free Download Crack Torrent Serial Keygen Warez Full Version.url
[2013.05.31 04:56:01 | 000,000,229 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Warez-Vortex.net - Warez Downloads, Apps, Games, Movies, XXX, Cracks, Serials, Keygens And More!.url
[2013.05.31 04:56:01 | 000,000,202 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\ZCRACK~1.URL
[2013.05.31 04:56:01 | 000,000,300 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Downloady\dvdfab platinum Download Crack Serial.url
[2013.05.31 04:56:01 | 000,000,346 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Torrent\Ulead VideoStudio Plus 11 - Crack Torrent Download.url

< *keygen* /s >
[2013.05.31 04:56:01 | 000,000,122 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\DoCrack.com - Top Crack - Serials - KeyGen.url
[2013.05.31 04:56:01 | 000,000,185 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Free serial crack keygen downloads - CrackSerial.Net.url
[2013.05.31 04:56:01 | 000,000,371 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\FREE UNLIMITED CRACKS, SERIAL NUMBERS, KEYGENS, PATCHES, GAMES, SOFTWARE CRACK, CRACKZ.url
[2013.05.31 04:56:01 | 000,000,261 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\InfiniteWarez.com - Full Version Downloads! Warez, Torrents, Cracks, Serials, KeyGens, XXX.url
[2013.05.31 04:56:01 | 000,000,304 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Ulead Videostudio 11.5 Plus Free Download Crack Torrent Serial Keygen Warez Full Version.url
[2013.05.31 04:56:01 | 000,000,229 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Warez-Vortex.net - Warez Downloads, Apps, Games, Movies, XXX, Cracks, Serials, Keygens And More!.url

< *AntiWPA* /s >

< *loader* /s >
[2013.10.26 21:59:01 | 000,004,069 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\edflbdjfhpiboilnedfoiepbmcllkedb\10.21.1.507_0\js\chromeBackstageLoader.js.vir
[2013.10.26 21:59:01 | 000,003,100 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\edflbdjfhpiboilnedfoiepbmcllkedb\10.21.1.507_0\js\pluginLoader.js.vir
[2013.10.26 21:58:59 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\edflbdjfhpiboilnedfoiepbmcllkedb\10.21.1.507_0\tb\al\ac\img\ajax-loader.gif.vir
[2013.10.26 21:58:59 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\edflbdjfhpiboilnedfoiepbmcllkedb\10.21.1.507_0\tb\al\ac\img\loader-icon.png.vir
[2013.10.26 21:58:58 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\MM\AppData\Local\Google\Chrome\User Data\Default\Extensions\edflbdjfhpiboilnedfoiepbmcllkedb\10.21.1.507_0\tb\al\ui\gf\img\loader.gif.vir
[2013.05.28 17:09:42 | 000,197,611 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\Extensions\ftdownloader4@ftdownloader.com.xpi.vir
[2013.10.13 13:57:40 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\Extensions\{d4f1c433-f9c3-49f2-8645-37dbeca19e90}\chrome\CT3078318\content\tb\al\ac\img\ajax-loader.gif.vir
[2013.10.13 13:57:40 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\Extensions\{d4f1c433-f9c3-49f2-8645-37dbeca19e90}\chrome\CT3078318\content\tb\al\ac\img\loader-icon.png.vir
[2013.10.13 13:57:40 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\Extensions\{d4f1c433-f9c3-49f2-8645-37dbeca19e90}\chrome\CT3078318\content\tb\al\ui\gf\img\loader.gif.vir
[2009.02.04 03:33:52 | 000,028,008 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\AecLoader.arx
[2013.05.31 03:48:58 | 000,044,032 | R--- | M] () -- \Program Files\Calibre2\DLLs\PyISAPI_loader.dll
[2012.08.27 20:33:18 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2013.09.15 13:34:08 | 000,059,720 | ---- | M] () -- \Program Files\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
[2013.09.15 13:34:08 | 001,108,296 | ---- | M] () -- \Program Files\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader_main.dll
[2013.09.14 00:50:46 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Internet Services\WebKit.resources\inspector\HeapSnapshotLoader.js
[2008.06.24 12:45:14 | 000,111,912 | ---- | M] () -- \Program Files\Common Files\Nero\Shared\NSCLoader.dll
[2012.09.25 03:39:16 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.01.04 18:53:08 | 000,002,945 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\accLoader.ini
[2010.05.17 16:04:16 | 000,111,776 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\VimeoUploader.dll
[2010.05.17 16:04:26 | 000,110,752 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\de-DE\MediaDownloader.resources.dll
[2010.05.17 16:04:42 | 000,013,472 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\de-DE\MediaDownloader_Lite.resources.dll
[2010.05.17 16:05:04 | 000,110,752 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\en-US\MediaDownloader.resources.dll
[2010.05.17 16:05:14 | 000,013,472 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\en-US\MediaDownloader_Lite.resources.dll
[2010.05.17 16:04:16 | 000,110,752 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\es-ES\MediaDownloader.resources.dll
[2010.05.17 16:04:26 | 000,013,472 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\es-ES\MediaDownloader_Lite.resources.dll
[2010.05.17 16:04:26 | 000,110,752 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\fr-FR\MediaDownloader.resources.dll
[2010.05.17 16:04:34 | 000,013,472 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\fr-FR\MediaDownloader_Lite.resources.dll
[2010.05.17 16:03:54 | 000,110,752 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\it-IT\MediaDownloader.resources.dll
[2010.05.17 16:04:06 | 000,013,472 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\it-IT\MediaDownloader_Lite.resources.dll
[2010.05.17 16:03:42 | 000,110,752 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\nl-NL\MediaDownloader.resources.dll
[2010.05.17 16:03:46 | 000,013,472 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\nl-NL\MediaDownloader_Lite.resources.dll
[2010.05.17 16:03:34 | 000,110,752 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\pl-PL\MediaDownloader.resources.dll
[2010.05.17 16:03:44 | 000,013,472 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\pl-PL\MediaDownloader_Lite.resources.dll
[2010.05.17 16:03:22 | 000,110,752 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\ru-RU\MediaDownloader.resources.dll
[2010.05.17 16:03:32 | 000,013,472 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\ru-RU\MediaDownloader_Lite.resources.dll
[2010.05.17 16:03:14 | 000,110,752 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\zh-CN\MediaDownloader.resources.dll
[2010.05.17 16:03:18 | 000,013,472 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\zh-CN\MediaDownloader_Lite.resources.dll
[2010.05.17 16:03:14 | 000,110,752 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\zh-HK\MediaDownloader.resources.dll
[2010.05.17 16:03:24 | 000,013,472 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\zh-HK\MediaDownloader_Lite.resources.dll
[2010.05.17 16:03:14 | 000,110,752 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\zh-TW\MediaDownloader.resources.dll
[2010.05.17 16:03:22 | 000,013,472 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\zh-TW\MediaDownloader_Lite.resources.dll
[2009.12.26 13:08:34 | 000,331,976 | ---- | M] () -- \Program Files\Corel\MLE\VimeoUploader.dll
[2012.02.02 10:16:04 | 000,003,951 | ---- | M] () -- \Program Files\Genie9\Genie Timeline\Html\_GSImages_\ajax-loader.gif
[2012.02.02 10:16:04 | 000,002,680 | ---- | M] () -- \Program Files\Genie9\Genie Timeline\Html\_GSImages_\Checking_Internet_Loader.gif
[2012.02.02 10:16:04 | 000,011,439 | ---- | M] () -- \Program Files\Genie9\Genie Timeline\Html\_GSImages_\Cloud_Loader_Activate_160.gif
[2012.03.04 16:16:16 | 000,004,847 | ---- | M] () -- \Program Files\Genie9\Genie Timeline\Html\_GSImages_\MiniLoaderBlue.gif
[2012.02.02 10:16:04 | 000,023,208 | ---- | M] () -- \Program Files\Genie9\Genie Timeline\Html\_GSImages_\Play_Pause_Loader.gif
[2012.02.02 10:16:04 | 000,023,287 | ---- | M] () -- \Program Files\Genie9\Genie Timeline\Html\_GSImages_\Play_Pause_Loader_old.gif
[2012.02.02 10:16:04 | 000,005,633 | ---- | M] () -- \Program Files\Genie9\Genie Timeline\Html\_GSImages_\preloader3.gif
[2013.05.28 19:14:28 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2013.05.28 19:14:29 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2013.05.28 19:14:28 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 10:29:39 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2013.03.08 17:00:00 | 000,856,064 | ---- | M] () -- \Program Files\KMPlayer\imloader.dll
[2013.03.25 09:13:18 | 000,296,296 | ---- | M] () -- \Program Files\Movavi Video Suite 11 SE\PSPUploader.exe
[2013.03.25 09:13:24 | 000,296,296 | ---- | M] () -- \Program Files\Movavi Video Suite 11 SE\PSPUploaderru.exe
[2012.06.26 11:36:20 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2008.02.04 11:32:50 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.04.25 16:31:28 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.04.25 16:31:28 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.04.25 16:31:28 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2008.02.04 11:32:50 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.04.25 16:31:28 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.04.25 16:31:28 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.04.25 16:31:28 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.10.26 11:18:10 | 000,002,545 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4OWO22ZA\loader[1].gif
[2013.10.25 22:44:20 | 000,001,785 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IE7F6GSL\ajax-loader[1].gif
[2013.10.27 09:23:27 | 000,000,673 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IE7F6GSL\loader.white[1].gif
[2013.10.27 10:18:36 | 000,000,673 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K0VXVR38\loader.white[1].gif
[2013.10.29 22:13:42 | 000,004,300 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZRAUSUG\Advert.Advantage.Reloader[1].js
[2013.10.30 17:10:38 | 000,008,288 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S3WXP6S4\loader[1].gif
[2013.10.27 15:07:52 | 000,013,194 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TZ3REWDK\cropLoader[1].swf
[2013.10.30 13:03:48 | 000,018,289 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TZ3REWDK\cssloader-44f3bd022a2e1463d05bac2f806eb5d8-1382528505[1].css
[2013.10.30 13:03:48 | 000,052,863 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TZ3REWDK\cssloader-5d381ccb71bf6f9be2301ba21a1017c2-1382528505[1].css
[2013.10.30 13:03:48 | 000,001,036 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TZ3REWDK\cssloader-7212459ac2b7bdfd2fcb9d412a9099a2-1382528505[1].css
[2013.10.30 13:03:48 | 000,145,987 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TZ3REWDK\jsloader-3d7e13d70e10334b53863e96361f8b75-1382528509[1].js
[2013.10.30 13:03:48 | 000,016,469 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TZ3REWDK\jsloader-64f54a140cc925bd7777e7febd804ee3-1382528508[1].js
[2013.10.26 11:15:08 | 000,003,061 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V5KDI5KG\rmsloaderdelayeddiv[1].js
[2013.11.01 09:12:44 | 000,001,737 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VQQASSEJ\ajax-loader[1].gif
[2013.01.25 22:52:18 | 000,004,613 | ---- | M] () -- \Users\MM\AppData\Local\Pokki\Engine\frames\frame\loader.gif
[2013.09.13 16:40:02 | 000,004,613 | ---- | M] () -- \Users\MM\AppData\Local\Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\801b6d4b93aa86beaaa8f479dd09a5434c4cd08a\img\store\loader.gif
[2013.05.30 21:40:01 | 000,037,175 | ---- | M] () -- \Users\MM\AppData\Roaming\Apple Computer\Logs\CrashReporter\MobileDevice\molnar - iPad\iDownloaderPro_2013-05-25-032006_molnar-iPad.crash
[2013.09.05 15:40:46 | 000,040,938 | ---- | M] () -- \Users\MM\AppData\Roaming\Apple Computer\Logs\CrashReporter\MobileDevice\molnar - iPad\iDownloaderPro_2013-09-04-223709_molnar-iPad.crash
[2013.06.25 21:32:48 | 000,001,849 | ---- | M] () -- \Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\cdxqgtr4.default\extensions\trash\{d4f1c433-f9c3-49f2-8645-37dbeca19e90}\chrome\CT3078318\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2004.09.28 08:11:04 | 000,002,413 | ---- | M] () -- \Users\MM\Documents\PC vše\FTP připojení\WS_FTP Pro - Return Codes_soubory\HM_Loader_Sublevel.js
[2009.11.15 22:13:22 | 000,010,453 | ---- | M] () -- \Users\MM\Pictures\Cedule\album\res\images\loader.gif
[2009.11.15 22:13:22 | 000,010,294 | ---- | M] () -- \Users\MM\Pictures\Cedule\album\res\images\loaderWhite.gif
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.01.30 13:48:10 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013.09.02 20:59:39 | 000,004,182 | ---- | M] () -- \Windows\System32\Tasks\Torntv 2-codedownloader
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2013.11.01 15:59:00 | 000,001,152 | ---- | M] () -- \Windows\Tasks\Torntv 2-codedownloader.job
[2010.11.21 02:16:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.21 02:16:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2010.11.21 02:16:08 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2013.07.13 08:11:33 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2013.07.13 08:11:33 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2013.07.13 08:11:33 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2010.11.20 22:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010.11.20 22:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010.11.20 22:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010.11.21 02:15:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.13 17:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2010.11.20 22:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2005.01.15 07:42:32 | 000,001,165 | ---- | M] () -- \Users\MM\Documents\3_MILOŠ\Z Internetu\Sada vakuových dóz Valira s pumpou (Plastové dózy) - DoKuchyne_cz - exkluzivní doplňky do kuchyně, jidelny, pro barmany a vinaře_soubory\btnOdeslat.gif

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2008.07.31 15:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2008.07.31 15:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\de-DE\Webdepot\RTSerialNumberHelp.html
[2008.05.08 17:14:18 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\en-US\Webdepot\RTSerialNumberHelp.html
[2008.07.31 15:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\es-ES\Webdepot\RTSerialNumberHelp.html
[2008.08.06 09:22:56 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\fr-FR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 15:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\hu-HU\Webdepot\RTSerialNumberHelp.html
[2008.07.31 15:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\it-IT\Webdepot\RTSerialNumberHelp.html
[2008.05.08 17:14:18 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\ja-JP\Webdepot\RTSerialNumberHelp.html
[2008.07.31 15:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\ko-KR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 15:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\pl-PL\Webdepot\RTSerialNumberHelp.html
[2008.07.31 15:41:46 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\pt-BR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 15:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\ru-RU\Webdepot\RTSerialNumberHelp.html
[2008.07.31 15:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\zh-CN\Webdepot\RTSerialNumberHelp.html
[2008.07.31 15:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_2010_Czech_SLD_WIN_32bit\x86\acad\Program Files\Root\Common Files Folder\Autodesk Shared\AdLM\R1\zh-TW\Webdepot\RTSerialNumberHelp.html
[2010.05.17 15:59:54 | 000,016,544 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\AppFramework.XmlSerializers.dll
[2010.05.17 16:01:10 | 000,016,544 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\Binary\AppFramework.XmlSerializers.dll
[2009.08.01 07:02:20 | 000,000,017 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X3\Ulead.dat\AboutData\Loc\SerialStringFormat.txt
[1999.03.23 06:39:52 | 000,037,079 | ---- | M] () -- \Program Files\Corel\Graphics9\Register\serial2.gif
[2012.03.26 11:05:44 | 000,006,401 | ---- | M] () -- \Program Files\Genie9\Genie Timeline\Html\EnterSerial.html
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 02:15:56 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.11.01 15:03:42 | 000,009,387 | ---- | M] () -- \Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D62RR2BE\SPM4eefbd_serial1[1].jpg
[2013.10.05 17:12:54 | 000,000,683 | ---- | M] () -- \Users\MM\AppData\Roaming\Microsoft\Office\Naposledy otevřené\WebSite X5_serial.LNK
[2013.05.31 04:56:01 | 000,000,308 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Best Crack , Serial and Warez sites.url
[2013.05.31 04:56:01 | 000,000,208 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\boilsoft serial and crack - The latest cracks and serials updated daily to unlock your software.url
[2013.05.31 04:56:01 | 000,000,325 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\CRACK.MS - All CRACKs and SERIALs on ONE Site.url
[2013.05.31 04:56:01 | 000,000,209 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Cracks-serials-rox Downloads & torrents.url
[2013.05.31 04:56:01 | 000,000,249 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\CrackzPlanet.com - Serials - G2.url
[2013.05.31 04:56:01 | 000,000,122 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\DoCrack.com - Top Crack - Serials - KeyGen.url
[2013.05.31 04:56:01 | 000,000,262 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Download Crack Serial - download cracks serials NO PORN POPUPs! NO STUPID TROJANs and EXPLOITs!.url
[2013.05.31 04:56:01 | 000,000,241 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\find abbyy pdf serial serials cracks hacking warez at www.thedarktoolbox.com.url
[2013.05.31 04:56:01 | 000,000,185 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Free serial crack keygen downloads - CrackSerial.Net.url
[2013.05.31 04:56:01 | 000,000,371 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\FREE UNLIMITED CRACKS, SERIAL NUMBERS, KEYGENS, PATCHES, GAMES, SOFTWARE CRACK, CRACKZ.url
[2013.05.31 04:56:01 | 000,000,164 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\http--www.serialdevil.com-.url
[2013.05.31 04:56:01 | 000,000,261 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\InfiniteWarez.com - Full Version Downloads! Warez, Torrents, Cracks, Serials, KeyGens, XXX.url
[2013.05.31 04:56:01 | 000,000,220 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Myserials.com.url
[2013.05.31 04:56:01 | 000,000,193 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\SerialCodes.net.url
[2013.05.31 04:56:01 | 000,000,160 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Serialkey.NET - The Leading Serial Site. Live Databese! serials serialkey serial numbers codes keys.url
[2013.05.31 04:56:01 | 000,000,258 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Serialportal!.url
[2013.05.31 04:56:01 | 000,000,172 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Serials & keys - unlocks the world.url
[2013.05.31 04:56:01 | 000,000,183 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Serials & keys.url
[2013.05.31 04:56:01 | 000,000,229 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Smart Serials The Ultimate Resource of Free Serials.url
[2013.05.31 04:56:01 | 000,000,304 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Ulead Videostudio 11.5 Plus Free Download Crack Torrent Serial Keygen Warez Full Version.url
[2013.05.31 04:56:01 | 000,000,263 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\VSO ConvertXtoDvd Software-Serials.com Enter The Vortex.url
[2013.05.31 04:56:01 | 000,000,229 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Cracks, serials\Warez-Vortex.net - Warez Downloads, Apps, Games, Movies, XXX, Cracks, Serials, Keygens And More!.url
[2013.05.31 04:56:01 | 000,000,300 | ---- | M] () -- \Users\MM\Favorites\Web, SW, telefony\Downloady\dvdfab platinum Download Crack Serial.url
[2010.11.21 02:15:52 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.06 11:48:50 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.06 11:49:13 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.10.11 09:44:04 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
[2013.10.06 11:53:37 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.06 12:08:27 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2010.03.18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.05.30 05:18:18 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.10.11 09:40:36 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.05.30 05:18:17 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.10.11 09:40:35 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.11 09:40:39 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 02:15:47 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 01:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 01:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.11.21 02:15:49 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2010.11.21 02:15:53 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.13 17:09:30 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.13 17:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.07.13 17:29:14 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009.07.14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2010.11.21 02:16:08 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2013.07.13 08:11:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2013.07.13 08:27:38 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009.07.14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2010.11.20 22:24:56 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2010.11.21 02:15:32 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.13 17:28:14 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012.10.05 20:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 18:12:04 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012.10.05 20:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2012.10.05 18:12:20 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010.11.20 22:24:56 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2010.11.20 22:24:56 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 02:15:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010.11.21 02:15:56 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2010.11.21 02:15:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 02:15:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.13 17:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.13 17:29:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.21 02:15:56 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 02:15:53 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.13 17:09:30 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2010.11.20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Files - Unicode (All) ==========
[2013.05.28 21:12:28 | 000,030,208 | ---- | C] ()(C:\Users\MM\Documents\?? ???????? EMCOS s.doc) -- C:\Users\MM\Documents\ОБ ОБЩЕСТВЕ EMCOS s.doc
[2008.06.26 19:49:30 | 000,030,208 | ---- | M] ()(C:\Users\MM\Documents\?? ???????? EMCOS s.doc) -- C:\Users\MM\Documents\ОБ ОБЩЕСТВЕ EMCOS s.doc

========== Alternate Data Streams ==========

@Alternate Data Stream - 853 bytes -> C:\Users\MM\Documents\Fw_ E-mailové potvrzení objednávky.eml:OECustomProperty
@Alternate Data Stream - 748 bytes -> C:\Users\MM\Documents\Fw_ Joint a policajti.eml:OECustomProperty
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands) Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: MM
->Temp folder emptied: 38421910 bytes
->Temporary Internet Files folder emptied: 287940637 bytes
->Java cache emptied: 5203916 bytes
->FireFox cache emptied: 17134555 bytes
->Google Chrome cache emptied: 24887609 bytes
->Flash cache emptied: 2321 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 126502 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 38948325 bytes
RecycleBin emptied: 11647578 bytes

Total Files Cleaned = 405,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: MM
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service Nero BackItUp Scheduler 3 stopped successfully!
Service Nero BackItUp Scheduler 3 deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000UA.job moved successfully.
C:\Windows\tasks\Torntv 2-codedownloader.job moved successfully.
C:\Windows\tasks\Torntv 2-enabler.job moved successfully.
C:\Windows\tasks\Torntv 2-updater.job moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{23323BD6-5313-15CC-F339-29070AFC5562}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23323BD6-5313-15CC-F339-29070AFC5562}\ not found.
Registry value HKEY_USERS\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ not found.
HKEY_USERS\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\SearchScopes\{23323BD6-5313-15CC-F339-29070AFC5562}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23323BD6-5313-15CC-F339-29070AFC5562}\ not found.
Registry key HKEY_USERS\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7603E22C-4D5D-4C45-A8B9-84E3700694EA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7603E22C-4D5D-4C45-A8B9-84E3700694EA}\ not found.
Registry key HKEY_USERS\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B7B12FF6-3262-4612-A241-1461DA1846DD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7B12FF6-3262-4612-A241-1461DA1846DD}\ not found.
Registry value HKEY_USERS\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{434D452D-5637-006A-76A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{434D452D-5637-006A-76A7-7A786E7484D7}\ not found.
Registry value HKEY_USERS\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\etrading\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\www\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1107837428-173974533-547177936-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\etrading\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1107837428-173974533-547177936-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\www\ deleted successfully.
Starting removal of ActiveX control Garmin Communicator Plug-In
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C7F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8378.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB909.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE112.tmp folder deleted successfully.
C:\Windows\Installer\MSI2E30.tmp deleted successfully.
C:\Windows\Installer\MSI8B4D.tmp deleted successfully.
C:\Windows\Installer\MSID10.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl8 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PDVD8LanguageShortcut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 11022013_083713

Files\Folders moved on Reboot...
File\Folder C:\Users\MM\AppData\Local\Temp\~DF422F4D04A9766737.TMP not found!
File\Folder C:\Users\MM\AppData\Local\Temp\~DF75D000385F62E7FC.TMP not found!
File\Folder C:\Users\MM\AppData\Local\Temp\~DFEE11311FC3887729.TMP not found!
C:\Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF0001.tmp moved successfully.
C:\Users\MM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS0000.tmp moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.