Preventivka

Zpráva

#16 Příspěvek od **Márty84** » 20 črc 2014 09:40

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Polska Pasha · #17 Příspěvek od **Polska Pasha** » 20 črc 2014 11:00

OTL:
OTL logfile created on: 7/20/2014 11:01:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pepik\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.68 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 59.51% Memory free
7.36 Gb Paging File | 5.73 Gb Available in Paging File | 77.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.66 Gb Total Space | 200.79 Gb Free Space | 44.85% Space Free | Partition Type: NTFS

Computer Name: PEPA | User Name: Pepik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/07/20 10:57:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pepik\Desktop\OTL.exe
PRC - [2014/07/19 13:13:58 | 003,427,208 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginServices\PluginService.exe
PRC - [2014/07/19 13:13:55 | 000,732,040 | ---- | M] () -- C:\Program Files (x86)\SupTab\HpUI.exe
PRC - [2014/07/19 13:13:45 | 000,535,936 | ---- | M] (Fuyu LIMITED) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
PRC - [2014/07/16 11:16:28 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\SupTab\Loader32.exe
PRC - [2014/07/15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/05/08 09:51:53 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2014/03/12 03:54:58 | 000,108,032 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2014/03/12 03:54:56 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/23 14:54:33 | 003,567,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2013/10/22 16:03:53 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/08/18 09:12:01 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/05/26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2011/04/24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/04/24 03:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011/04/22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

========== Modules (No Company Name) ==========

MOD - [2014/07/19 13:13:59 | 000,093,576 | ---- | M] () -- C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
MOD - [2014/07/19 13:13:55 | 000,732,040 | ---- | M] () -- C:\Program Files (x86)\SupTab\HpUI.exe
MOD - [2014/07/16 11:16:28 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\SupTab\Loader32.exe
MOD - [2014/07/15 11:24:38 | 000,718,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
MOD - [2014/07/15 11:24:36 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
MOD - [2013/10/22 16:03:56 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2011/04/24 03:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/10/22 16:03:53 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/04/22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/07/19 13:13:58 | 003,427,208 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices)
SRV - [2014/07/19 13:13:45 | 000,535,936 | ---- | M] (Fuyu LIMITED) [Auto | Running] -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -- (WindowsMangerProtect)
SRV - [2014/05/08 09:51:53 | 000,214,520 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2014/03/12 03:54:58 | 000,108,032 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2014/03/12 03:54:56 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2013/12/18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/07 15:14:14 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/18 09:12:01 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/02/25 08:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/09/26 00:51:53 | 004,460,280 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012/04/26 15:03:36 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/10/09 17:59:19 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2011/04/24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/11 16:18:00 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2013/10/22 16:04:01 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/10/22 16:04:01 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/10/22 16:04:01 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/10/22 16:04:01 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/10/22 16:04:01 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/10/22 16:04:01 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/10/22 16:03:59 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/04/15 23:32:14 | 001,071,032 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\wcmvcam64.sys -- (WCMVCAM)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/11/09 15:11:20 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/06/08 18:36:14 | 004,729,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/06/02 05:37:32 | 002,750,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 06:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011/03/10 06:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011/01/18 00:56:14 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/22 03:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/07/20 02:10:40 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/28 01:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/28 01:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 23:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 23:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/04/13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/27 01:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/19 05:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009/09/19 05:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009/09/19 05:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009/09/17 07:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/12/26 13:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/03/31 09:39:36 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... ZJ863ZJ863
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... ZJ863ZJ863
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... ZJ863ZJ863
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... ZJ863ZJ863
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKLM\..\SearchScopes\{38FD2F15-E806-4BB6-9A9E-6F8C8734AEFE: "URL" = http://start.mysearchdial.com/results.p ... 495951&ir=

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... ZJ863ZJ863
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... ZJ863ZJ863
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{268DDC2E-9AB6-4AF7-A619-699D23176C72}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..\SearchScopes\{38FD2F15-E806-4BB6-9A9E-6F8C8734AEFE: "URL" = http://start.mysearchdial.com/results.p ... 495951&ir=
IE - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "omiga-plus"
FF - prefs.js..browser.search.selectedEngine: "omiga-plus"
FF - prefs.js..browser.startup.homepage: "http://isearch.omiga-plus.com/?type=hp& ... ZJ863ZJ863"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
FF - prefs.js..extensions.enabledAddons: faststartff%40gmail.com:4.2.3
FF - prefs.js..extensions.enabledAddons: firefox%40norpalla.com:1.0.1
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pepik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/04/14 20:10:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/10/22 16:04:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ [2014/04/13 15:58:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ytfmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ [2014/04/13 15:58:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\faststartff@gmail.com: C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\faststartff@gmail.com [2014/07/19 13:13:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/02 17:15:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/06/29 14:15:41 | 000,000,000 | ---D | M]

[2012/07/11 21:44:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\Extensions
[2014/07/19 13:13:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\Firefox\Profiles\6icesh4i.default\extensions
[2014/07/19 13:42:23 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Users\Pepik\AppData\Roaming\mozilla\Firefox\Profiles\6icesh4i.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2014/07/19 13:13:25 | 000,000,000 | ---D | M] ("Fast Start") -- C:\Users\Pepik\AppData\Roaming\mozilla\Firefox\Profiles\6icesh4i.default\extensions\faststartff@gmail.com
[2014/07/04 15:52:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\Firefox\Profiles\6icesh4i.default\extensions\staged
[2014/06/28 20:13:56 | 000,190,349 | ---- | M] () (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\firefox\profiles\6icesh4i.default\extensions\cccc5f0d-b9d0-4314-88b5-7e27551f9e84@jetpack.xpi
[2014/02/28 23:25:42 | 000,008,575 | ---- | M] () (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\firefox\profiles\6icesh4i.default\extensions\firefox@norpalla.com.xpi
[2013/04/11 17:54:38 | 000,197,614 | ---- | M] () (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\firefox\profiles\6icesh4i.default\extensions\ftdownloader3@ftdownloader.com.xpi
[2012/06/26 06:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/02 17:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/07 15:14:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/10/22 16:04:03 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2014/07/19 13:13:16 | 000,000,581 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\omiga-plus.xml

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://isearch.omiga-plus.com/?type=hp& ... ZJ863ZJ863
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: Freemake np-plugin for google chrome (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: MicrosoftÂ® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows LiveÂ™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Pepik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Pepik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: AVGO Youtube Video Downloader = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\abahbcbbcgfljepaebnkigbccjebnoej\1.0_0\
CHR - Extension: YouTube = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledĂˇvĂˇnĂ Google = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Hola Better Internet = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.3.883_0\
CHR - Extension: AVGO Video Downloader = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjpcgodbidhphkhhdbgikflfjgopfpbn\1.1_0\
CHR - Extension: PenÄ›Ĺľenka Google = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: AVGO Youtube Video Downloader = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\abahbcbbcgfljepaebnkigbccjebnoej\1.0_0\
CHR - Extension: YouTube = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledĂˇvĂˇnĂ Google = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Hola Better Internet = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.3.883_0\
CHR - Extension: AVGO Video Downloader = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjpcgodbidhphkhhdbgikflfjgopfpbn\1.1_0\
CHR - Extension: PenÄ›Ĺľenka Google = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/07/19 11:42:47 | 000,000,078 | R-S- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 178.217.187.203 master.serwery.wiaderko.com
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Norpalla) - {78f5a1e7-dd0d-49f9-871b-1889c9729861} - C:\Program Files (x86)\Norpalla\NorpallaBHO.dll (Norpalla)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [Gaming Mouse Driver] C:\Program Files (x86)\Gaming Mouse\Monitor.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.9 212.47.0.7
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{610EB418-5BBF-4997-8F43-3817DE589DD9}: DhcpNameServer = 192.168.1.9 212.47.0.7
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll ()
Drivers32:64bit: vidc.mpeg - bdmpegv64.dll ()
Drivers32:64bit: vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\iyvu9_32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/07/20 10:57:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pepik\Desktop\OTL.exe
[2014/07/20 09:58:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/07/19 13:30:08 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Local\Opera Software
[2014/07/19 13:30:07 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Roaming\Opera Software
[2014/07/19 13:29:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014/07/19 13:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices
[2014/07/19 13:13:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/07/19 13:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect
[2014/07/19 13:12:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2014/07/19 13:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norpalla
[2014/07/19 08:13:05 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014/07/19 08:08:07 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/07/18 08:46:59 | 005,221,938 | R--- | C] (Swearware) -- C:\Users\Pepik\Desktop\ComboFix.exe
[2014/07/16 20:47:07 | 000,000,000 | ---D | C] -- C:\m-r-software
[2014/07/16 20:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aerosoft
[2014/07/16 20:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aerosoft
[2014/07/15 09:20:47 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/15 09:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/15 09:20:26 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/15 09:20:26 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/15 09:20:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/07/10 21:47:39 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Local\1449
[2014/07/07 21:27:47 | 000,000,000 | -H-D | C] -- C:\Users\Pepik\Documents\Freemake_do_not_remove_this_folder
[2014/07/07 08:16:41 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Roaming\.minecraft
[2014/07/04 16:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/07/02 18:50:04 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014/06/29 20:08:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/06/29 20:08:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/06/29 20:08:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/06/29 20:08:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/06/29 20:07:34 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/06/29 17:53:23 | 000,000,000 | ---D | C] -- C:\rsit
[2014/06/29 09:55:10 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Roaming\BANDISOFT
[2014/06/28 20:36:32 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader
[2014/06/28 20:05:41 | 000,000,000 | ---D | C] -- C:\Users\Pepik\Documents\AVGO
[2014/06/25 14:54:00 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\rFactor
[2014/06/23 15:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\rFactor
[2014/06/23 15:55:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\rFactor
[2014/06/21 16:08:46 | 000,000,000 | ---D | C] -- C:\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft

========== Files - Modified Within 30 Days ==========

[2014/07/20 11:03:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/07/20 10:57:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pepik\Desktop\OTL.exe
[2014/07/20 08:55:31 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/20 08:52:02 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/20 08:37:07 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/20 08:37:07 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/20 08:29:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/20 08:29:35 | 2962,255,872 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/19 11:42:47 | 000,000,078 | R-S- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/07/18 17:47:28 | 001,586,070 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/18 17:47:28 | 000,669,926 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014/07/18 17:47:28 | 000,655,280 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/18 17:47:28 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014/07/18 17:47:28 | 000,122,152 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/18 08:47:19 | 005,221,938 | R--- | M] (Swearware) -- C:\Users\Pepik\Desktop\ComboFix.exe
[2014/07/17 20:40:50 | 001,354,223 | ---- | M] () -- C:\Users\Pepik\Desktop\adwcleaner_3.216.exe
[2014/07/16 20:47:07 | 000,000,585 | ---- | M] () -- C:\Users\Pepik\Desktop\OMSI - Editor.lnk
[2014/07/16 09:25:32 | 001,497,119 | ---- | M] () -- C:\Users\Pepik\Desktop\Fotografie0116.jpg
[2014/07/14 11:08:51 | 001,222,144 | ---- | M] () -- C:\Users\Pepik\Desktop\RSITx64.exe
[2014/07/04 16:01:42 | 000,065,599 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Camdata.ini
[2014/07/04 16:01:42 | 000,004,524 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\CamStudio.cfg
[2014/07/04 16:01:42 | 000,000,408 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\CamShapes.ini
[2014/07/04 16:01:42 | 000,000,408 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\CamLayout.ini
[2014/06/21 18:07:40 | 000,000,132 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Adobe Formát PNG CS6 – předvolby

========== Files Created - No Company Name ==========

[2014/07/19 13:30:03 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014/07/17 20:40:59 | 001,354,223 | ---- | C] () -- C:\Users\Pepik\Desktop\adwcleaner_3.216.exe
[2014/07/16 20:47:07 | 000,000,585 | ---- | C] () -- C:\Users\Pepik\Desktop\OMSI - Editor.lnk
[2014/07/16 09:25:32 | 001,497,119 | ---- | C] () -- C:\Users\Pepik\Desktop\Fotografie0116.jpg
[2014/07/14 11:08:48 | 001,222,144 | ---- | C] () -- C:\Users\Pepik\Desktop\RSITx64.exe
[2014/06/29 20:08:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/06/29 20:08:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/06/29 20:08:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/06/29 20:08:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/06/29 20:08:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/06/03 19:36:32 | 000,065,599 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\Camdata.ini
[2014/06/03 19:36:32 | 000,004,524 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\CamStudio.cfg
[2014/06/03 19:36:32 | 000,000,408 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\CamShapes.ini
[2014/06/03 19:36:32 | 000,000,408 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\CamLayout.ini
[2014/06/01 16:39:50 | 000,000,132 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2013/10/21 19:36:55 | 000,000,918 | ---- | C] () -- C:\Windows\ARPR.INI
[2013/07/12 16:11:03 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2013/06/25 16:19:00 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2013/06/25 16:18:59 | 000,014,456 | ---- | C] () -- C:\Windows\SysWow64\Kara_v.dll
[2013/06/24 08:00:46 | 001,205,201 | ---- | C] () -- C:\Windows\unins000.exe
[2013/06/19 19:57:06 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/06/19 19:57:06 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/06/02 12:52:44 | 097,979,392 | ---- | C] () -- C:\Program Files (x86)\Samsung New PC Studio.msi
[2013/06/02 12:52:44 | 000,102,400 | ---- | C] () -- C:\Program Files (x86)\1029.MST
[2013/06/02 12:52:44 | 000,014,444 | ---- | C] () -- C:\Program Files (x86)\0x0405.ini
[2013/05/24 20:13:59 | 000,002,240 | ---- | C] () -- C:\Windows\LENDIG.sys
[2013/03/23 15:29:55 | 000,877,747 | ---- | C] () -- C:\Users\Pepik\AppData\Local\Tempmusic.ogg
[2013/01/03 20:16:25 | 000,000,246 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\Mouse Monitor_Settings.ini
[2012/11/19 09:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012/11/19 09:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012/08/30 19:26:40 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2012/07/01 15:30:46 | 000,001,796 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\System Monitor II_CPU0_Settings.ini
[2012/06/11 21:10:17 | 000,000,123 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\Mouse Monitor_Counters.ini
[2012/06/11 19:02:06 | 000,000,199 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\Keyboard Monitor_Settings.ini
[2012/06/11 16:28:23 | 000,000,276 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\System Uptime Full Plus_Settings.ini
[2012/03/07 19:04:55 | 000,045,270 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\room_v3.dat
[2012/02/11 23:31:12 | 000,005,632 | ---- | C] () -- C:\Users\Pepik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/29 19:36:43 | 000,007,605 | ---- | C] () -- C:\Users\Pepik\AppData\Local\Resmon.ResmonCfg
[2011/11/09 15:37:07 | 000,017,212 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\UserTile.png
[2003/04/09 05:28:44 | 000,233,472 | ---- | C] () -- C:\Users\Pepik\AppData\Roaming\MafiaSetup.exe

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/07/05 16:28:15 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\.minecraft
[2012/08/05 18:06:57 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Acoustica
[2012/02/05 11:50:29 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ashampoo
[2013/02/01 16:34:06 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Audacity
[2013/10/23 14:48:07 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\AVAST Software
[2012/02/24 14:55:38 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Avnex
[2014/06/29 09:55:10 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\BANDISOFT
[2013/09/19 17:27:24 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\bin
[2014/07/20 10:13:13 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\BitTorrent
[2013/09/19 17:25:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\cache
[2012/02/12 15:55:58 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/09/19 17:27:24 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\coremods
[2014/07/20 10:13:14 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DAEMON Tools Lite
[2012/06/22 20:23:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2013/09/12 15:46:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DesktopIconGoodgame
[2012/04/28 10:05:17 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Dropbox
[2013/08/26 16:40:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\FlvtoConverter
[2014/07/12 12:25:49 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Foxit Software
[2013/03/17 18:40:14 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Freecorder 7 Video
[2013/08/04 11:35:44 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\ftblauncher
[2013/03/19 16:58:43 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\GarenaPlus
[2012/01/12 18:05:09 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Hardcore
[2011/11/14 00:09:39 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\ICQ
[2012/08/05 18:07:58 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Image-Line
[2012/05/05 08:17:05 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\IObit
[2011/12/28 19:21:55 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\IrfanView
[2012/07/01 19:11:40 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Leadertech
[2013/09/19 17:28:12 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\lib
[2012/05/05 17:30:01 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\LolClient
[2012/06/09 18:40:32 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\LolClient2
[2013/07/30 20:30:16 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\MKKE
[2013/09/19 17:28:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\mods
[2012/02/03 09:46:56 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Need for Speed World
[2013/11/07 17:53:15 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Nordic Games
[2011/11/09 14:56:34 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Opera
[2014/07/19 13:30:07 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Opera Software
[2012/07/30 21:51:22 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\PC Suite
[2012/03/21 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Publish Providers
[2013/09/20 16:06:50 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\resources
[2013/05/05 20:27:00 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Samsung
[2013/09/21 08:42:29 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\saves
[2014/07/19 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Seznam.cz
[2013/08/23 16:52:12 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\skyz
[2013/11/15 16:58:42 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Softland
[2013/01/20 10:38:45 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Sony
[2014/07/02 18:50:04 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/09/21 08:50:27 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\stats
[2012/08/05 18:07:23 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\SynthMaker
[2013/09/19 17:27:01 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\temp
[2013/09/19 17:28:18 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\texturepacks
[2013/09/19 17:28:18 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\texturepacks-mp-cache
[2014/02/14 21:51:26 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\TS3Client
[2012/06/22 20:04:28 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ubisoft
[2013/08/05 14:54:13 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ulozto File Manager
[2012/03/07 20:05:40 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Unity
[2012/10/21 08:09:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\uTorrent
[2012/06/05 15:46:46 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\wargaming.net
[2013/02/27 16:58:10 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\WebcamMax

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,628 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012/06/02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012/04/24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012/06/04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012/06/02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2012/06/02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012/06/02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010/11/21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/04/24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2010/04/13 03:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\OEM\Preload\Autorun\DRV\Intel AHCI\f6flpy-x64\iaStor.sys
[2010/04/13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/04/13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_d085c8f0cb5c2856\iaStor.sys
[2010/04/13 03:35:20 | 000,435,736 | ---- | M] (Intel Corporation) MD5=E11ED9B1EA60E747655E1090C7509D08 -- C:\OEM\Preload\Autorun\DRV\Intel AHCI\f6flpy-x86\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012/06/04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\erdnt\cache64\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

Polska Pasha · #18 Příspěvek od **Polska Pasha** » 20 črc 2014 11:01

OTL2:
< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013/01/04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011/03/19 09:45:16 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011/03/19 09:39:54 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[59 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/07/05 16:28:15 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\.minecraft
[2012/08/05 18:06:57 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Acoustica
[2014/07/02 18:50:05 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Adobe
[2012/02/05 11:50:29 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ashampoo
[2013/02/01 16:34:06 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Audacity
[2013/10/23 14:48:07 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\AVAST Software
[2012/02/24 14:55:38 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Avnex
[2014/06/29 09:55:10 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\BANDISOFT
[2013/09/19 17:27:24 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\bin
[2014/07/20 10:13:13 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\BitTorrent
[2013/09/19 17:25:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\cache
[2012/02/12 15:55:58 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/09/19 17:27:24 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\coremods
[2011/11/09 15:22:01 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\CyberLink
[2014/07/20 10:13:14 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DAEMON Tools Lite
[2012/06/22 20:23:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2013/09/12 15:46:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\DesktopIconGoodgame
[2012/04/28 10:05:17 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Dropbox
[2013/08/26 16:40:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\FlvtoConverter
[2014/07/12 12:25:49 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Foxit Software
[2013/03/17 18:40:14 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Freecorder 7 Video
[2013/08/04 11:35:44 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\ftblauncher
[2013/03/19 16:58:43 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\GarenaPlus
[2011/11/09 15:24:44 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\GRETECH
[2011/12/27 12:39:25 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Hamachi
[2012/01/12 18:05:09 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Hardcore
[2011/11/14 00:09:39 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\ICQ
[2011/11/09 12:22:38 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Identities
[2012/08/05 18:07:58 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Image-Line
[2013/07/29 16:55:21 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\InstallShield
[2012/05/05 08:17:05 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\IObit
[2011/12/28 19:21:55 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\IrfanView
[2012/07/01 19:11:40 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Leadertech
[2013/09/19 17:28:12 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\lib
[2012/05/05 17:30:01 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\LolClient
[2012/06/09 18:40:32 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\LolClient2
[2011/11/09 12:23:03 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Macromedia
[2014/07/15 09:20:30 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Malwarebytes
[2010/11/21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Media Center Programs
[2012/12/16 12:14:51 | 000,000,000 | --SD | M] -- C:\Users\Pepik\AppData\Roaming\Microsoft
[2013/07/30 20:30:16 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\MKKE
[2013/09/19 17:28:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\mods
[2012/06/26 06:54:10 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Mozilla
[2012/02/03 09:46:56 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Need for Speed World
[2013/11/07 17:53:15 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Nordic Games
[2011/11/09 14:56:34 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Opera
[2014/07/19 13:30:07 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Opera Software
[2012/07/30 21:51:22 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\PC Suite
[2012/03/21 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Publish Providers
[2013/09/20 16:06:50 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\resources
[2013/05/05 20:27:00 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Samsung
[2013/09/21 08:42:29 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\saves
[2012/07/02 08:06:28 | 000,000,000 | RH-D | M] -- C:\Users\Pepik\AppData\Roaming\SecuROM
[2014/07/19 07:47:27 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Seznam.cz
[2014/07/20 10:59:09 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Skype
[2013/08/23 16:52:12 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\skyz
[2013/11/15 16:58:42 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Softland
[2013/01/20 10:38:45 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Sony
[2014/07/02 18:50:04 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/09/21 08:50:27 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\stats
[2012/08/05 18:07:23 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\SynthMaker
[2013/09/19 17:27:01 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\temp
[2013/09/19 17:28:18 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\texturepacks
[2013/09/19 17:28:18 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\texturepacks-mp-cache
[2014/02/14 21:51:26 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\TS3Client
[2012/06/22 20:04:28 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ubisoft
[2013/08/05 14:54:13 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Ulozto File Manager
[2012/03/07 20:05:40 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Unity
[2012/10/21 08:09:20 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\uTorrent
[2012/06/05 15:46:46 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\wargaming.net
[2013/02/27 16:58:10 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\WebcamMax
[2014/06/24 12:25:45 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\Winamp
[2011/11/09 14:54:54 | 000,000,000 | ---D | M] -- C:\Users\Pepik\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2003/04/09 05:28:44 | 000,233,472 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\MafiaSetup.exe
[2014/07/02 10:40:08 | 001,270,872 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe
[2014/07/02 10:39:33 | 001,270,872 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pepik\AppData\Roaming\BitTorrent\updates\7.9.2_32128.exe
[2007/03/22 12:46:42 | 000,126,976 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2014/07/10 23:43:42 | 002,467,840 | ---- | M] (Gretech Corporation) -- C:\Users\Pepik\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2012/08/29 19:47:51 | 000,010,134 | R--- | M] () -- C:\Users\Pepik\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2013/07/23 14:48:55 | 000,010,134 | R--- | M] () -- C:\Users\Pepik\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013/05/16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Seznam.cz\szninstall.exe
[2013/05/16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013/04/16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2013/04/29 12:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013/04/12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013/04/12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Pepik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/07/20 08:29:58 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/07/20 11:03:44 | 000,000,512 | ---- | M] () MD5=3F58D39B7C1976147E6B5268BF809B05 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2003/12/05 14:52:40 | 000,000,796 | ---- | M] () -- \Gta san andreas\data\Decision\Craig\crack1.ped
[2005/07/07 21:22:11 | 000,000,100 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\Concrete\prodwllecracked.vmt
[2005/07/07 21:22:12 | 000,174,968 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\Concrete\prodwllecracked.vtf
[2005/12/02 21:04:47 | 000,000,574 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\Glass\glasswindow018a_cracked.vmt
[2005/12/02 21:04:47 | 000,022,064 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\Glass\glasswindow018a_cracked.vtf
[2005/12/02 21:04:47 | 000,000,574 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\hl2\materials\glass\glasswindow018a_cracked.vmt
[2005/12/02 21:04:47 | 000,022,064 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\hl2\materials\glass\glasswindow018a_cracked.vtf
[2002/05/30 18:16:22 | 000,013,160 | ---- | M] () -- \Program Files (x86)\Firefly Studios\Stronghold Crusader\gm\cracks.gm1
[2008/09/08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch
[2007/03/20 17:58:32 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2007/03/20 17:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2007/03/20 17:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2007/03/20 17:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2007/03/20 17:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2007/03/20 17:58:32 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2007/03/20 17:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2007/03/20 17:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2007/03/20 17:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2007/03/20 17:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2007/03/20 17:58:32 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2006/07/09 19:42:40 | 000,049,206 | ---- | M] () -- \Program Files\Mafia\Modern Mod 2.0_maps\mazda_mx5_crackedglass128a.bmp
[2006/03/01 01:00:00 | 000,069,598 | ---- | M] () -- \Program Files\The Stalin Subway\MODELS\DYNAMIC\SO\lampa_03_crack.msh
[2006/03/01 01:00:00 | 000,069,162 | ---- | M] () -- \Program Files\The Stalin Subway\MODELS\STATIC\L16\lampa_03_crack.msh
[2006/03/01 01:00:00 | 000,069,598 | ---- | M] () -- \Program Files\The Stalin Subway\MODELS\STATIC\SO\lampa_03_crack.msh
[2006/03/01 01:00:00 | 000,011,480 | ---- | M] () -- \Program Files\The Stalin Subway\SOUNDS\Ambient\L2_Stroyka\CONSTRUCTION_NOISE\CRACK_01_S_01.wav
[2006/03/01 01:00:00 | 000,028,824 | ---- | M] () -- \Program Files\The Stalin Subway\SOUNDS\Ambient\L2_Stroyka\CONSTRUCTION_NOISE\CRACK_01_S_02.wav
[2006/03/01 01:00:00 | 000,017,560 | ---- | M] () -- \Program Files\The Stalin Subway\SOUNDS\Ambient\L2_Stroyka\CONSTRUCTION_NOISE\CRACK_01_S_03.wav
[2012/11/06 08:15:24 | 000,013,443 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\Battlefield 1942 + Expansions + CD Crack + Keygens [Swaffy].torrent
[2012/11/22 08:18:35 | 000,018,258 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\F1.2011.PC.[crack+keygen].2011.torrent
[2013/01/04 18:31:22 | 000,010,768 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\WWE '12 [PC] Full Game (cracked).rar.torrent
[2013/08/03 13:17:41 | 000,001,062 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ftblauncher\ModPacks\MindCrack\logo_minecrack.png
[2013/08/03 13:17:41 | 000,008,681 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ftblauncher\ModPacks\MindCrack\mindcrack_splash.png
[2013/01/24 15:25:13 | 007,088,737 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\Alba\DE\Haftbefehl-Blockplatin-2CD-DE-2013-NOiR\112-haftbefehl-crackfurt-noir.mp3
[2002/05/30 18:16:22 | 000,013,160 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\Stronghold Crusader\gm\cracks.gm1
[2005/12/23 16:51:00 | 000,049,206 | ---- | M] () -- \Users\Pepik\Desktop\Hry\Mafia 1 – Plna Verze Hry – CZ\Mafia\maps\crackedglass128a.bmp
[2005/12/23 17:51:00 | 000,049,206 | ---- | M] () -- \Users\Pepik\Desktop\Hry\Mafia 1 – Plna Verze Hry – CZ\maps\crackedglass128a.bmp

< *keygen* /s >
[2012/11/06 08:15:24 | 000,013,443 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\Battlefield 1942 + Expansions + CD Crack + Keygens [Swaffy].torrent
[2012/11/22 08:18:35 | 000,018,258 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\F1.2011.PC.[crack+keygen].2011.torrent
[2013/01/20 10:31:18 | 000,017,067 | ---- | M] () -- \Users\Pepik\AppData\Roaming\BitTorrent\Sony Vegas Pro 11.0.370 64 bit patch keygen huoyuan.torrent
[2006/07/11 18:01:56 | 000,066,048 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\Ostatní\Camstasia\camtasia byminim0xa\KeyGen.exe

< *AntiWPA* /s >

< *loader* /s >
[2014/04/13 20:48:11 | 000,121,344 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh\1.0.0_0\npFreemakeYoutubeDownloader.dll.vir
[2013/08/15 16:42:19 | 000,000,522 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.6_0\images\loader.gif.vir
[2013/05/28 19:15:59 | 000,000,906 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com\FTDownloader.lnk.vir
[2014/06/08 09:32:27 | 000,003,124 | ---- | M] () -- \AdwCleaner\Quarantine\C\Windows\System32\Tasks\YourFile DownloaderUpdate.vir
[2003/09/15 15:02:00 | 000,169,384 | ---- | M] () -- \Gry\Counter-Strike 1.6\cstrike\models\qloader.mdl
[2003/09/15 14:55:50 | 000,352,548 | ---- | M] () -- \Gry\Counter-Strike 1.6\valve\models\loader.mdl
[2003/09/15 14:56:04 | 000,012,764 | ---- | M] () -- \Gry\Counter-Strike 1.6\valve\sound\ambience\loader_hydra1.wav
[2003/09/15 14:56:04 | 000,012,164 | ---- | M] () -- \Gry\Counter-Strike 1.6\valve\sound\ambience\loader_step1.wav
[2012/08/06 18:10:30 | 000,499,160 | ---- | M] () -- \m-r-software\Omsi\Sounds\Ansagen\Uploader.pl - door_alarm.wav
[2012/08/06 18:10:30 | 000,499,160 | ---- | M] () -- \m-r-software\Omsi\Vehicles\SU_15\Sound\Uploader.pl - door_alarm.wav
[2011/07/05 00:29:56 | 000,124,200 | ---- | M] () -- \Program Files (x86)\Acer\Acer Crystal Eye Webcam\Koan\pyloader.dll
[2012/10/26 13:44:29 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006/10/26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/04/29 10:53:44 | 000,011,917 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2012/03/27 17:16:02 | 000,014,336 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.Detector.dll
[2012/03/27 17:16:02 | 000,006,656 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.GlobalSettings.dll
[2012/03/27 17:16:02 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.HtmlParser.dll
[2012/03/27 17:16:02 | 000,036,352 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.Interface.dll
[2012/03/27 17:16:02 | 000,017,408 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.Miscellaneous.dll
[2012/03/27 17:16:00 | 000,048,640 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.SmartDownloader.Core.dll
[2012/03/27 17:16:02 | 000,159,744 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.SmartDownloader.Extensions.dll
[2012/03/27 17:16:02 | 000,018,944 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.Subtitles.dll
[2012/03/27 17:16:02 | 000,079,360 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.SupportedSite.dll
[2012/03/27 17:16:02 | 000,018,944 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloader.TrackDownloaderLib.dll
[2012/03/27 17:16:02 | 000,003,584 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Downloader\FMDownloaderDeploy.dll
[2011/03/16 13:12:40 | 000,034,304 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Converter\FMWeb\Uploader\FMYouTubeUploader.dll
[2014/03/12 04:05:08 | 002,089,024 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe
[2014/02/03 05:14:10 | 000,007,379 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\downloader.js
[2014/02/03 05:14:10 | 000,000,402 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\downloader.xul
[2014/03/12 04:04:58 | 000,089,664 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll
[2014/02/03 05:21:00 | 000,015,511 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2014/02/03 05:21:00 | 000,064,651 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2014/02/03 05:21:00 | 000,064,719 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2014/03/12 04:03:44 | 000,043,008 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\DownloaderCommon.dll
[2014/03/12 04:00:56 | 000,020,992 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Detector.dll
[2014/03/12 03:54:38 | 000,008,192 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.GlobalSettings.dll
[2014/03/12 04:00:58 | 000,014,336 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.HtmlParser.dll
[2014/03/12 04:00:50 | 000,045,568 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Interface.dll
[2014/03/12 03:54:40 | 000,020,480 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Miscellaneous.dll
[2014/03/12 04:00:52 | 000,066,048 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SmartDownloader.Core.dll
[2014/03/12 04:00:54 | 000,158,720 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SmartDownloader.Extensions.dll
[2014/03/12 04:00:58 | 000,145,920 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SupportedSite.dll
[2014/03/12 04:00:52 | 000,019,456 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.TrackDownloaderLib.dll
[2014/03/12 04:03:52 | 000,241,664 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\VideoDownloader.Model.dll
[2014/03/12 04:01:02 | 000,018,944 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\VideoDownloader.Tools.dll
[2014/03/12 04:04:00 | 000,010,752 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\cs\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:00 | 000,010,752 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\da\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:00 | 000,016,384 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\de-DE\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:00 | 000,013,312 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\el-GR\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:00 | 000,016,384 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\es-ES\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:00 | 000,016,384 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\fr-FR\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\hu\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,015,872 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\it\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,017,920 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\ja-JP\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\nl\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\pl\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,015,872 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\pt-BR\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:04 | 000,019,456 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\ru-RU\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\sk\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,012,800 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\uk\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,011,776 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\vi\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:02 | 000,010,240 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\zh-CN\FreemakeVideoDownloader.resources.dll
[2014/03/12 04:04:04 | 000,010,240 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\zh-TW\FreemakeVideoDownloader.resources.dll
[2002/08/18 22:14:40 | 000,348,160 | ---- | M] () -- \Program Files (x86)\GameSpy Arcade\Services\_common\PortraitLoader.dll
[2013/02/07 11:11:16 | 000,051,504 | ---- | M] () -- \Program Files (x86)\Garena Plus\FileLoader.dll
[2013/02/07 11:11:18 | 002,941,232 | ---- | M] () -- \Program Files (x86)\Garena Plus\ggdownloader.dll
[2013/02/07 08:58:36 | 000,256,816 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\GarenaTalkLoader.exe
[2009/03/31 09:23:58 | 000,289,280 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung New PC Studio\NPSAndroidDownloader.dll
[2009/03/12 09:31:22 | 000,285,184 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung New PC Studio\NPSLinuxMitsDownloader.dll
[2009/03/31 09:39:20 | 000,208,896 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung New PC Studio\Symbian_Downloader_DLL.dll
[2009/04/02 18:03:40 | 000,258,048 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader.dll
[2008/11/25 16:52:24 | 000,266,240 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader2.dll
[2005/06/26 13:10:02 | 000,001,172 | ---- | M] () -- \Program Files (x86)\Sanny Builder 3\tools\CLEO3\ASI_loader_ ReadMe.txt
[2013/01/09 12:41:56 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2014/02/10 09:21:14 | 000,001,428 | ---- | M] () -- \Program Files (x86)\SimtMHD\Content\loader.xnb
[2014/07/16 11:16:28 | 000,064,000 | ---- | M] () -- \Program Files (x86)\SupTab\Loader32.exe
[2014/07/16 10:55:10 | 000,073,216 | ---- | M] () -- \Program Files (x86)\SupTab\Loader64.exe
[2009/02/22 03:34:22 | 003,217,920 | ---- | M] () -- \Program Files (x86)\WWE RAW - Ultimate Impact\LOADER.exe
[2011/05/28 23:04:04 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2014/02/03 05:21:00 | 000,015,511 | ---- | M] () -- \ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2014/02/03 05:21:00 | 000,064,651 | ---- | M] () -- \ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2014/02/03 05:21:00 | 000,064,719 | ---- | M] () -- \ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2014/04/13 15:58:55 | 000,001,318 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk
[2014/06/29 20:39:15 | 000,001,118 | ---- | M] () -- \Qoobox\Quarantine\Registry_backups\AddRemove-YourFileDownloaderUpdater.reg.dat
[2010/11/02 12:36:12 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\rads\projects\lol_air_client\releases\0.0.1.94\deploy\assets\storeImages\layout\small_loader.gif
[2012/10/19 21:13:27 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\rads\projects\lol_air_client\releases\0.0.1.94\deploy\assets\storeImages\layout\OldImages\small_loader.gif
[2013/07/24 14:23:36 | 000,001,415 | ---- | M] () -- \Riot Games\League of Legends\rads\projects\lol_air_client\releases\0.0.1.94\deploy\mod\cfct\assets\FeaturedContentLoaderAssets.swf
[2014/02/03 05:21:00 | 000,015,511 | ---- | M] () -- \Users\All Users\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2014/02/03 05:21:00 | 000,064,651 | ---- | M] () -- \Users\All Users\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2014/02/03 05:21:00 | 000,064,719 | ---- | M] () -- \Users\All Users\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2014/04/13 15:58:55 | 000,001,318 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk
[2014/06/19 16:17:40 | 000,477,184 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe
[2014/06/19 11:19:58 | 000,004,531 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe.config
[2014/06/28 20:36:32 | 000,155,677 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\UninstallFlvtoYoutubeDownloader.exe
[2014/06/19 16:17:40 | 000,013,312 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\de-DE\FlvtoYoutubeDownloader.resources.dll
[2014/06/19 16:17:40 | 000,012,288 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\en-US\FlvtoYoutubeDownloader.resources.dll
[2014/06/19 16:17:40 | 000,012,800 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\it-IT\FlvtoYoutubeDownloader.resources.dll
[2014/06/19 16:17:40 | 000,013,312 | ---- | M] () -- \Users\Pepik\AppData\Local\Flvto Youtube Downloader\pt-PT\FlvtoYoutubeDownloader.resources.dll
[2014/07/20 10:20:17 | 000,001,980 | ---- | M] () -- \Users\Pepik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S4ZIC0AN\AdLoader[1].htm
[2014/07/20 10:20:17 | 000,017,912 | ---- | M] () -- \Users\Pepik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U26Y8ZAR\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2012/12/15 20:58:43 | 000,000,749 | ---- | M] () -- \Users\Pepik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.youtubedownloadersite.com%2Ffavicon.png
[2014/02/18 18:46:42 | 000,072,638 | ---- | M] () -- \Users\Pepik\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/02/18 18:46:42 | 000,003,032 | ---- | M] () -- \Users\Pepik\AppData\Local\Skype\Apps\login\images\loader.png
[2014/02/18 18:46:42 | 000,006,012 | ---- | M] () -- \Users\Pepik\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/02/18 18:46:42 | 000,021,956 | ---- | M] () -- \Users\Pepik\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/02/18 18:46:42 | 000,009,772 | ---- | M] () -- \Users\Pepik\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013/09/21 08:50:28 | 000,094,699 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ForgeModLoader-client-0.log
[2013/09/21 08:42:03 | 000,000,000 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ForgeModLoader-client-0.log.lck
[2013/09/21 08:37:32 | 000,075,364 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ForgeModLoader-client-1.log
[2013/09/20 21:07:42 | 000,092,507 | ---- | M] () -- \Users\Pepik\AppData\Roaming\ForgeModLoader-client-2.log
[2014/06/28 20:36:32 | 000,002,190 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader\Flvto Youtube Downloader.lnk
[2014/06/28 20:36:32 | 000,001,254 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader\Uninstall Flvto Youtube Downloader.lnk
[2014/04/13 15:58:55 | 000,001,405 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Downloader.lnk
[2013/04/11 17:54:38 | 000,197,614 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\ftdownloader3@ftdownloader.com.xpi
[2013/03/29 13:37:34 | 000,059,384 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Seznam.cz\bin\1641libfoxloader.dll
[2013/04/15 13:32:10 | 000,060,416 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Seznam.cz\bin\1644libfoxloader-x64.dll
[2014/07/10 21:48:38 | 000,000,164 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013/01/09 12:41:56 | 000,030,608 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013/03/25 16:27:20 | 000,000,665 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013/03/25 16:27:26 | 000,000,117 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2013/08/23 16:52:12 | 000,200,377 | ---- | M] () -- \Users\Pepik\AppData\Roaming\skyz\mod_prerequisites\ModLoader1.5.2.zip
[2013/09/24 15:59:38 | 000,000,421 | ---- | M] () -- \Users\Pepik\AppData\Roaming\Unity\WebPlayerPrefs\cdn_5ftx3_2egalapagosgames_2ecom\prefunity-scenes-loader_2eunity3d.upp
[2014/06/28 20:36:32 | 000,002,176 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\Flvto Youtube Downloader.lnk
[2013/06/24 15:16:15 | 000,631,704 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\FlvtoYoutubeDownloader.exe
[2014/04/13 15:58:55 | 000,001,300 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\Freemake Video Downloader.lnk
[2013/01/30 19:18:06 | 000,001,014 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\YTD Video Downloader.lnk
[2011/12/27 12:27:32 | 000,001,090 | ---- | M] () -- \Users\Pepik\Desktop\Hlavní Složka\Programy\YouTube Downloader.lnk
[2014/06/28 20:08:44 | 000,003,574 | ---- | M] () -- \Users\Pepik\Documents\AVGO\FreeVideoDownloader.txt
[2014/06/28 20:06:40 | 000,000,145 | ---- | M] () -- \Users\Pepik\Documents\Freemake\FreemakeVideoDownloader\Persistent\DownloaderPersistentList.xml
[2012/10/26 13:30:30 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enGB-tools-downloader.exe
[2012/10/26 13:36:39 | 000,003,592 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2014/07/12 19:00:27 | 000,260,414 | ---- | M] () -- \Windows\Prefetch\FLVTOYOUTUBEDOWNLOADER.EXE-91887BBB.pf
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2006/09/28 14:55:34 | 000,053,248 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2013/12/05 09:32:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2007/04/30 16:43:12 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2006/09/28 14:55:34 | 000,053,248 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[2013/12/05 09:32:02 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2007/04/30 16:43:12 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/10/09 18:35:18 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011/10/09 18:35:18 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011/10/09 18:35:18 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011/10/09 18:35:18 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011/10/09 18:35:18 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011/07/20 09:04:28 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/07/20 09:04:28 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/07/20 09:04:28 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/07/20 09:04:28 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/07/20 09:04:28 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/10/09 18:31:57 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010/11/21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2011/05/30 05:03:11 | 000,000,750 | ---- | M] () -- \OEM\Preload\Autorun\APP\clear.fi v1.0\PCinema\Config\CopyRightNoDTS.ini
[2012/11/16 18:36:10 | 001,331,126 | ---- | M] () -- \Program Files (x86)\Zemi Interactive\4StoryUS\Node\TNODE00000506.pnd
[2012/11/16 18:36:11 | 001,316,090 | ---- | M] () -- \Program Files (x86)\Zemi Interactive\4StoryUS\Node\TNODE02BF0000.pnd

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2007/10/30 21:10:05 | 000,200,704 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\bin\dmserializers.dll
[2003/10/09 07:11:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Sytrus\Artwork\DelSerialCache.bmp
[2013/05/13 15:14:36 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013/09/24 19:36:30 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/10/09 18:34:51 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012/12/24 21:01:18 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\wanted5733\team fortress 2\bin\dmserializers.dll
[2013/05/13 17:04:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013/09/24 19:37:07 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/10/09 18:34:51 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011/09/27 14:50:16 | 000,320,856 | ---- | M] () -- \Program Files\Sony\Vegas Pro 11.0\CoreUI.XmlSerializers.dll
[2011/09/27 14:50:22 | 000,460,120 | ---- | M] () -- \Program Files\Sony\Vegas Pro 11.0\Sony.MediaSoftware.TextGen.CoreGraphics.XmlSerializers.dll
[2012/08/12 20:20:17 | 000,000,656 | ---- | M] () -- \Users\Pepik\Desktop\Hry\Mafia 1 – Plna Verze Hry – CZ\TABLES\MENU\multiset_serial.mnu
[2011/10/09 18:34:41 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/01/11 16:30:52 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013/01/11 16:29:42 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/11 16:31:23 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013/01/11 16:25:50 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/11 18:38:23 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/11 18:38:18 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013/01/11 18:40:15 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2013/01/11 18:47:25 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a3a3ccd41789ba4eb01f51db6c508222\System.Runtime.Serialization.ni.dll
[2013/01/11 18:47:34 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/11 18:50:38 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2011/11/11 13:51:43 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/02/15 18:43:17 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011/11/11 13:51:42 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013/02/15 18:43:15 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/02/15 18:43:25 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011/10/09 18:34:43 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010/06/15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/06/15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011/10/09 18:34:40 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010/06/15 03:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/06/15 03:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011/10/09 18:34:34 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011/10/09 18:34:34 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011/10/09 18:34:40 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011/10/09 18:34:43 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009/07/14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011/10/09 18:34:51 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011/10/09 18:34:45 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011/07/20 09:04:28 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/07/20 09:04:28 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011/10/09 18:35:18 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009/07/14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011/10/09 18:35:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009/07/14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011/10/09 18:33:25 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012/10/05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012/10/05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010/11/21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011/10/09 18:34:41 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011/10/09 18:34:51 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010/11/13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010/11/13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011/10/09 18:34:43 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011/10/09 18:34:34 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011/10/09 18:34:51 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010/11/21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD

< End of report >

Polska Pasha · #19 Příspěvek od **Polska Pasha** » 20 črc 2014 11:01

Extras:
OTL Extras logfile created on: 7/20/2014 11:01:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pepik\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.68 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 59.51% Memory free
7.36 Gb Paging File | 5.73 Gb Available in Paging File | 77.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.66 Gb Total Space | 200.79 Gb Free Space | 44.85% Space Free | Partition Type: NTFS

Computer Name: PEPA | User Name: Pepik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

[HKEY_USERS\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05630C41-7EFC-47DB-8792-8AF59B06A7E6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{0D9B569C-D819-4422-B3CE-FEFAED931E4C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{193EC665-3534-447A-BAB0-733F798307DF}" = rport=137 | protocol=17 | dir=out | app=system |
"{19FEB05F-156D-45BC-9EDA-F154126AF331}" = lport=445 | protocol=6 | dir=in | app=system |
"{1A5C3F0A-387F-4A04-AABB-52750FBB40C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1B59644D-7CBC-4097-8107-2ED80223A350}" = lport=138 | protocol=17 | dir=in | app=system |
"{2D106A68-81CD-4478-B9EC-CE8748D8B4C9}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3BB8CD9C-B080-4B14-B4AD-B2A2D89058F1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{52BFDD52-EE89-4E52-8C57-D2B77411CE4B}" = rport=445 | protocol=6 | dir=out | app=system |
"{548BD72D-F969-4F09-BFA6-B779409B2ACD}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{599DC099-778D-4CD2-A84B-F56928683485}" = rport=138 | protocol=17 | dir=out | app=system |
"{5A8E8B95-81AE-4EE0-8219-1E88497848FA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6187398C-624B-4F8B-86C2-774C0381EF92}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{75717E04-E84F-427F-93AF-94F8DF6D76F5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{772254F9-F6A1-40A8-9B34-FFE6E8670657}" = lport=137 | protocol=17 | dir=in | app=system |
"{7A1C97C1-AD44-4599-B91B-8171E34B56EA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A21310E-8B3E-40C7-B588-BD8BC7E63A2E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7A27C607-51CB-4D27-B01B-563707B1C209}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7A70E5DF-BE88-49F7-AF73-517907C7BBC6}" = rport=2869 | protocol=6 | dir=out | app=system |
"{81E66C8E-E017-46F4-9DEC-F38CF84B5B63}" = lport=2869 | protocol=6 | dir=in | app=system |
"{89D783A3-A333-449F-9B83-FDFD458E84F6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8CF8C130-4B5D-4FE8-883A-ABE0CAD9D172}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{953F0DDD-340B-4C29-87FA-3102F2258E23}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{96C81411-F327-41FE-8CBA-CD3C6E540A8D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9BCE57FE-74D4-4D09-A26F-E4247D1B2590}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B774144A-6A8B-4723-9B13-3C43880F03D3}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CD4FCB0E-AE3B-4318-9DAA-53204441B0FA}" = rport=139 | protocol=6 | dir=out | app=system |
"{D681F1F5-10C2-4048-ACC5-7444A0FD39F4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D74BB254-0310-4261-BC87-D6F28635F193}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D95F347B-13C8-4394-A07C-FA824B830F42}" = lport=139 | protocol=6 | dir=in | app=system |
"{F6E3CF73-76A2-4566-8DFE-59C1D2F6239C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{FB8B98E5-E989-4A03-BA5F-2738A964B678}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE56310E-BF3B-42A7-8D28-A0C23EA9DB9D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015DDEED-662B-47B7-863C-16BCFBCEF030}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{051F0171-F231-44F8-BDA3-5C00E89CA503}" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"{07F03C01-EC74-44E6-92DA-BDE3CF416CE7}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{097A0673-A93B-4A7B-B5AD-CAE80FFEF111}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{12346F5D-55F9-43C1-999F-83E44CF1548D}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{1378F61F-AB4E-49EA-84AB-1D013E14EE90}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1618AE9E-9C9B-446E-8B82-30DE3D4D3BC6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2067F595-3F8F-49B7-A514-D61D83C4F481}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{21A64971-24FC-477C-BD86-B3509F120AF5}" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{27F634E8-E382-47B4-BD45-C10B404ECC7D}" = protocol=17 | dir=in | app=c:\users\pepik\appdata\roaming\bittorrent\bittorrent.exe |
"{2F575A1A-67DB-445E-974E-43705358E5E4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{2FBCF90C-7034-49F8-9332-EA19D72C139C}" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{389F324C-E1E4-4761-ACA8-15C664F7D6FB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{38ADAD8D-53DA-43E7-9DB2-E1BAD04BA983}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{3A2929BB-95B8-44E0-AF5D-7115DB9410E1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{44ADB9FF-F4F9-4362-A26B-432584A07429}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4704BF42-F0DD-4632-BBC9-6797C7DE5441}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{4BB6DF95-4006-47B0-B998-7CB6E1F398B5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4C9D6B6B-DFF3-4600-B403-E6B3BE2A94FB}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{5747267C-B7E8-4455-B765-C2CFC18F71B2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5AC3BEBE-850F-4471-AB17-EA8CB0A689E1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5C9225DF-E9FB-46E6-814E-D1EF6AE3902B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6D59B72C-962D-4172-A04B-CB1EF4216349}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{71E666A6-687F-4664-A9ED-E87D8DC7A857}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{762D903D-0DD2-4172-A4F3-D969D4FE2558}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7BD038B4-411C-447E-AA40-AF5309EAF323}" = protocol=6 | dir=in | app=c:\users\pepik\appdata\roaming\bittorrent\bittorrent.exe |
"{7C92C94B-DF0C-4F27-831D-49AD812DBF7A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7CD4E390-5D24-46E8-91A4-CDB5C4F3BD99}" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{7D399836-5DEB-49F5-A3D2-1094F956E8C3}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{7ECB1A33-12F4-457F-81FC-BB36C1E0E3B0}" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{8D9EB1C5-7062-4F6B-BEAB-0C928F6E673D}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{934ADA3C-E8A7-4DA2-8784-FE9D9DA64E67}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{A224C994-804B-4D02-B34E-CDDB4AF796EC}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"{A379BAA4-A922-4A7F-9DA0-B4DCD0760493}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{A5448EF5-A210-4DF1-AE37-1CC23B2DFBA5}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A6741216-4839-4F02-B91B-09EAB1AF1B73}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{AE337637-8762-4952-B032-922D2AE988B0}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"{B0908840-4365-4B98-A064-E8E1F4111745}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B4447C4D-4992-4D84-A71D-88EBF05BDBD8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B574A1F6-0A7B-4B5E-8D2C-147E43BDF871}" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"{BCCB884B-CFE9-4432-A527-09CF3C0788B0}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{CC38497A-0385-4341-B222-9A69DBFB190C}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{CDF497B2-244F-4D29-932A-57E8C04CBC51}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CDFD7A36-A87D-4A86-AA36-594A00DF093F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D30F365C-3C08-4BE6-A6EB-CC62588DF478}" = protocol=17 | dir=in | app=c:\program files (x86)\windows sidebar\sidebar.exe |
"{D37F0881-5F3A-4C58-A1D6-6D9DCFEE4C4A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{DB620390-33A8-4494-958F-8BAA6A855DFB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DC7B3DB4-F53A-4398-9CB0-88FD3190BE2A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DDA42F2B-EFAA-4273-8C8E-04DC3EBC0EB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E1668F3D-AF1D-4CF9-9E98-824BA8A47505}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E35E4D3F-C842-4F52-9141-DB9E89EE6466}" = protocol=6 | dir=in | app=c:\program files (x86)\windows sidebar\sidebar.exe |
"{EA66C5E9-AB57-4449-A849-40D41CA0D55E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{F16DED0D-BB4E-45C8-AEFD-1012CEB49CFC}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{FA7A0F20-6A95-4E00-BDB2-1A4908F9604B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FC5925F6-C5FC-42D3-9065-820BB4E897DE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FCB9AEFF-FDD6-4D75-B3E5-24817B1E3161}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FD7E1970-41A9-4933-9EEF-2B6C3774050D}" = protocol=6 | dir=out | app=system |
"{FEC6DA59-410D-474D-A514-DFE7EB1922EB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{011045B3-497E-430E-8D34-D6D6FB5CDDFC}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"TCP Query User{05520CD0-95ED-4468-97AF-F57D7C48C378}C:\program files (x86)\steam\steamapps\wanted5733\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\wanted5733\team fortress 2\hl2.exe |
"TCP Query User{1061AD92-7113-42F6-A925-FDCA4C3700ED}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"TCP Query User{1425F909-721E-4498-8E2E-1D7091656D06}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{1A378E04-94EE-4341-85AB-E0402F532009}C:\program files\codemasters\operation flashpoint\operationflashpoint.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\operation flashpoint\operationflashpoint.exe |
"TCP Query User{239A5A87-219D-4475-AA26-81BAA84F193F}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{27131BE5-BD67-4475-81F1-C9F1AEE5BD12}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{29FEA3B2-9032-4C49-9F21-5C9BC44512C1}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{3384FA01-8813-4719-95F4-81BE624A32D6}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{3A8D28E1-6445-4165-820D-9FA5BC320297}C:\gry\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\gry\counter-strike 1.6\hl.exe |
"TCP Query User{3ED93162-8ED1-4B8E-9D4C-6820189F6395}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{444AE001-2692-4233-A2E0-BBE4D3DBA278}C:\users\pepik\desktop\hry\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\users\pepik\desktop\hry\call of duty\codmp.exe |
"TCP Query User{5444DE6E-90F5-4FB8-9644-04934C9CC9A2}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{587B94EE-6CF9-4ACD-9BFE-447F47B4E640}C:\windows\syswow64\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"TCP Query User{5A51A737-16B5-4CEC-BA39-06093A39CC0D}C:\program files (x86)\ubisoft\techland\call of juarez\coj.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\techland\call of juarez\coj.exe |
"TCP Query User{5FF43B8D-B5E1-4BE9-B1CB-B09579EBDD18}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{677557CF-9D25-4A1E-B248-48D29D61DAB8}C:\users\pepik\desktop\hry\starcraft-brood war\starcraft.exe" = protocol=6 | dir=in | app=c:\users\pepik\desktop\hry\starcraft-brood war\starcraft.exe |
"TCP Query User{690401F7-044A-493E-B443-6A7CC4580E8A}C:\users\pepik\desktop\hlavní složka\castle strike\castlestrike.exe" = protocol=6 | dir=in | app=c:\users\pepik\desktop\hlavní složka\castle strike\castlestrike.exe |
"TCP Query User{6F79003C-6709-4B99-9A80-A891B14A9745}C:\program files (x86)\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows sidebar\sidebar.exe |
"TCP Query User{6FC5ABB6-DEED-49F4-A246-5C32FA8B704A}D:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=d:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{70E411D6-30EF-4A88-A734-852EAF127D85}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"TCP Query User{7F55C18D-C538-434F-9D2D-24020033038C}C:\program files (x86)\rfactor\rfactor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rfactor\rfactor.exe |
"TCP Query User{8CA997AA-6D7C-4278-B2A2-2792259E73B8}C:\program files (x86)\motogp2\motogp2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motogp2\motogp2.exe |
"TCP Query User{A0DCBAC5-938B-4F12-99B1-D3BA0026A18E}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{A35B5E75-B9AD-4252-A7B6-4BE5421446CB}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{A3F99437-6292-4545-8290-4584BCF0C726}C:\program files (x86)\ea sports\nhl 09\nhl2009.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea sports\nhl 09\nhl2009.exe |
"TCP Query User{AB60B9BF-366F-40EC-A1EE-D6539AA7160A}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"TCP Query User{BD61922B-2228-4F17-996C-767E97FA5F22}C:\users\pepik\desktop\hry\need for speed underground 2\speed2.exe" = protocol=6 | dir=in | app=c:\users\pepik\desktop\hry\need for speed underground 2\speed2.exe |
"TCP Query User{D5349812-7730-4D8A-8CE6-21723CF04602}C:\program files (x86)\motogp2\motogp2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motogp2\motogp2.exe |
"TCP Query User{D6B65D4B-340E-4713-931A-58C3E6B90A25}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{D83C4E02-5492-48CF-B1C4-4FFE0B6917B7}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{E024D277-9497-4D7B-B0BC-5B5B8396A196}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{E9261615-CDEF-47C0-A2C5-338F6E98E2E8}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{1EAE0B2B-6D5D-4C5F-A50F-86BE4F5E59D6}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{1FC2E00C-2064-4A5F-930F-F4895022F3D3}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{2458390D-5091-4915-BDEC-E6EDCC1437FD}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"UDP Query User{2B767A6C-1051-4251-90B0-CC957A9E93AD}C:\program files (x86)\ea sports\nhl 09\nhl2009.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea sports\nhl 09\nhl2009.exe |
"UDP Query User{2BADB6DD-A76B-4AF6-86D4-22E78121D6BB}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{2FDF5929-1030-46AA-8566-09C722EF7F2D}C:\program files (x86)\ubisoft\techland\call of juarez\coj.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\techland\call of juarez\coj.exe |
"UDP Query User{31B1E990-4DF2-4352-AE7F-BD32E3F8AB51}C:\users\pepik\desktop\hry\need for speed underground 2\speed2.exe" = protocol=17 | dir=in | app=c:\users\pepik\desktop\hry\need for speed underground 2\speed2.exe |
"UDP Query User{32AA8BE6-63C6-4FF4-B4E5-E5B1CCD760F0}C:\program files (x86)\steam\steamapps\wanted5733\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\wanted5733\team fortress 2\hl2.exe |
"UDP Query User{362DE726-DF82-4669-95FD-6BCF3DD37B47}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{39FD3E08-FD8E-4965-A667-BF18D60495EA}C:\gry\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\gry\counter-strike 1.6\hl.exe |
"UDP Query User{3BA6085F-56C0-4E17-B488-C8062F414E62}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"UDP Query User{3DC43CB3-3679-4AF4-8AA9-103FE52A31A7}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{3E458CF0-D113-42DA-8386-A2B6EFD47C1B}C:\program files\codemasters\operation flashpoint\operationflashpoint.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\operation flashpoint\operationflashpoint.exe |
"UDP Query User{499121EC-DAD3-4BDD-B25A-C624927683CD}C:\program files (x86)\motogp2\motogp2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motogp2\motogp2.exe |
"UDP Query User{5D5DF7FF-B376-43DB-8820-96E1393D110C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{612296F7-BA40-4311-9920-3D8F417823B3}C:\users\pepik\desktop\hry\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\users\pepik\desktop\hry\call of duty\codmp.exe |
"UDP Query User{79D22DF7-6900-4CF4-B2B6-DFF32224F9A7}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{7B556092-FF5B-42CC-86FF-D867BB9DC093}C:\windows\syswow64\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"UDP Query User{8A7B2D27-C0B5-443F-8C7D-2926D57EE20C}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{94F1FD37-6C68-4935-9AEF-378915BFA002}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{98E99ADF-70D3-4003-B165-F8B67B4BE396}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{99556888-3DEE-4956-A04E-9689B39AB745}C:\program files (x86)\rfactor\rfactor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rfactor\rfactor.exe |
"UDP Query User{A38ED2A4-9A5A-49BC-B1E0-D9AE70DA97E1}C:\program files (x86)\motogp2\motogp2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motogp2\motogp2.exe |
"UDP Query User{AC6D3BE8-F852-44FE-9B5F-0F4A927B545C}C:\users\pepik\desktop\hry\starcraft-brood war\starcraft.exe" = protocol=17 | dir=in | app=c:\users\pepik\desktop\hry\starcraft-brood war\starcraft.exe |
"UDP Query User{AFF526EB-C209-4456-B5AA-6E886ED0BD16}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"UDP Query User{B4C07F71-3DD8-48AA-93CF-CE8C427C2280}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{CC25FECE-A725-41FC-8794-509B1C41FCE7}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{CC477757-3B2C-4DEF-B477-54CDB649CDB0}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{D6A24935-5E3D-4A21-A145-575EC5E0B196}D:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=d:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{DA2AA511-FFF8-472E-A529-DC44D29082C7}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{DD1F9F15-4500-4368-AB97-360B67AD30B4}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"UDP Query User{DDD38416-70EB-417B-B02E-8D7663F00B5F}C:\users\pepik\desktop\hlavní složka\castle strike\castlestrike.exe" = protocol=17 | dir=in | app=c:\users\pepik\desktop\hlavní složka\castle strike\castlestrike.exe |
"UDP Query User{F0B6B661-31B2-4D9B-87C1-F679B773749D}C:\program files (x86)\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows sidebar\sidebar.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

Polska Pasha · #20 Příspěvek od **Polska Pasha** » 20 črc 2014 11:02

Extras2:
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A116A8-E559-488C-879C-B212F3EA963A}" = Far Cry (Patch 1.32 AMD64)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{29AFE1B0-26A4-11E1-BFD4-F04DA23A5C58}" = MSVCRT Redists
"{314DDDC0-E935-11E0-8F9F-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{331F3940-4093-11E1-9565-F04DA23A5C58}" = MSVCRT Redists
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{49F6DFDE-8DF7-11E1-9E5F-F04DA23A5C58}" = MSVCRT Redists
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.9.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller
"{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}" = MSVCRT Redists
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"doPDF 7 printer_is1" = doPDF 7.3 printer
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Norpalla" = Norpalla
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.01 (64-bit)
"z3ta+_x64_is1" = rgc:audio z3ta+ 1.5 (x64)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04B83666-3A62-452B-85D3-70F8117F2329}_is1" = CamStudio version 2.7
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0824EE6D-137F-4B83-9628-8E7B000BEBA6}" = Rail Simulator
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1BB0C126-7F97-4438-B9CD-8954660474CD}" = ReFX Nexus 2.3.4 Update
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20381A8A-808E-4A53-B6CD-AD2B85E16365}" = Windows Live UX Platform Language Pack
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E7940A4-495B-4DC5-B5C9-D2EE1DE9E5EF}" = Call of Juarez
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{631A0B87-B0B7-4B47-00A2-119A4B942EB6}" = Clive Barker's Undying
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65356EEA-6ABF-437B-A7C7-5AAA0C6086F2}_is1" = Minecraft Auto version 1.0
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{7104189A-C592-4A56-AC9E-7C0CA135DA3C}" = AGEIA PhysX v6.10.25
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D99B933-E29C-4599-92F0-DAED2AF041E3}" = Windows Live Essentials
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader HD
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AE850A4-B89D-4875-A159-B1B64D717EFB}" = OMSI - Der Omnibussimulator
"{9B22D57A-5338-49A5-AC08-70FE3E8B878B}" = Heroes of Might and Magic V
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.10) MUI
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1F5E26D-F22E-4DE4-994E-50F51BB3327F}" = ReFX Nexus 2.3.4 USB-eLicenser Emulator
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BDE1289F-4025-41A5-AD17-101DB4D82CA7}" = TRS2004
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FE0127-0F86-43C7-824E-AA78E6B5F4F3}" = Total Immersion Racing
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F084204C-5497-4DC2-893E-D31CF5C640E8}" = Gaming Mouse Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F2DDE4A8-A062-4D58-AE08-FAC1182955AF}" = GTAIII
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Acoustica Mixcraft 6" = Acoustica Mixcraft 6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"avast" = avast! Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Call of Duty" = Call of Duty
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"CoD 2 čeština_is1" = CoD 2 čeština 1.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Core Temp ~ Čestina 1.0 RC3" = Core Temp ~ Čestina 1.0 RC3
"Counter-Strike 1.6" = Counter-Strike 1.6 v23
"Counter-Strike: Source" = Counter-Strike: Source
"DAEMON Tools Lite" = DAEMON Tools Lite
"Edirol HQ Orchestral VSTi v1.03" = Edirol HQ Orchestral VSTi v1.03
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FarCry AMD64 ECU for x32 Edition" = FarCry AMD64 ECU for x32 Edition
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"FL Studio 10" = FL Studio 10
"Flashpoint" = Flashpoint uninstall
"Flvto Youtube Downloader" = Flvto Youtube Downloader
"Foxit Reader_is1" = Foxit Reader
"Fraps" = Fraps (remove only)
"Freemake Video Converter_is1" = Freemake Video Converter verze 3.0.1
"Freemake Video Downloader_is1" = Freemake Video Downloader
"GameParkClient_is1" = GamePark
"GameSpy Arcade" = GameSpy Arcade
"GOGPACKUNDYING_is1" = Clive Barker's Undying
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HyperSnap 7" = HyperSnap 7
"Identity Card" = Identity Card
"IL Download Manager" = IL Download Manager
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0824EE6D-137F-4B83-9628-8E7B000BEBA6}" = Rail Simulator
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{3E7940A4-495B-4DC5-B5C9-D2EE1DE9E5EF}" = Call of Juarez
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IrfanView" = IrfanView (remove only)
"Lennar Digital Sylenth VSTi v1.2.1" = Lennar Digital Sylenth VSTi v1.2.1
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.2.1012
"MotoGP2_is1" = MotoGP2
"Mozilla Firefox 23.0.1 (x86 cs)" = Mozilla Firefox 23.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NFS: Most Wanted" = NFS: Most Wanted CZ
"OpenAL" = OpenAL
"Opera 22.0.1471.70" = Opera Stable 22.0.1471.70
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"rFactor" = rFactor (remove only)
"rgcAudio z3ta Plus v1.40" = rgcAudio z3ta Plus v1.40
"Sanny Builder 3_is1" = Sanny Builder 3.01
"Shockwave" = Shockwave
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Winamp" = Winamp
"WindowsMangerProtect" = WindowsMangerProtect20.0.0.502
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WWE RAW - Ultimate Impact_is1" = WWE RAW - Ultimate Impact
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"SeznamInstall" = Seznam Software
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/18/2014 9:48:47 AM | Computer Name = Pepa | Source = Application Hang | ID = 1002
Description = Program Omsi.exe verze 1.0.14.2 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
8f0 Čas spuštění: 01cfa28e9f1cbe39 Čas ukončení: 12 Cesta k aplikaci: C:\m-r-software\Omsi\Omsi.exe

ID
hlášení: 39ff7d89-0e82-11e4-94ad-dc0ea10325dc

Error - 7/18/2014 12:42:09 PM | Computer Name = Pepa | Source = Application Hang | ID = 1002
Description = Program Omsi.exe verze 1.0.14.2 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
10ec Čas spuštění: 01cfa2a5ec3af81e Čas ukončení: 62 Cesta k aplikaci: C:\m-r-software\Omsi\Omsi.exe

ID
hlášení: 73657d7d-0e9a-11e4-94ad-dc0ea10325dc

Error - 7/19/2014 1:42:18 AM | Computer Name = Pepa | Source = WinMgmt | ID = 10
Description =

Error - 7/19/2014 2:10:55 AM | Computer Name = Pepa | Source = WinMgmt | ID = 10
Description =

Error - 7/19/2014 5:18:05 AM | Computer Name = Pepa | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Photoshop.exe, verze: 13.0.0.0, časové razítko:
0x4f61beba Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18015, časové
razítko: 0x50b83c8a Kód výjimky: 0xc06d007e Posun chyby: 0x0000c41f ID chybujícího
procesu: 0x4dc Čas spuštění chybující aplikace: 0x01cfa332545d1b5f Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe Cesta k
chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 967b2a70-0f25-11e4-885f-dc0ea10325dc

Error - 7/19/2014 5:19:40 AM | Computer Name = Pepa | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Photoshop.exe, verze: 13.0.0.0, časové razítko:
0x4f61beba Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18015, časové
razítko: 0x50b83c8a Kód výjimky: 0xc06d007e Posun chyby: 0x0000c41f ID chybujícího
procesu: 0xb24 Čas spuštění chybující aplikace: 0x01cfa332915329c1 Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe Cesta k
chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: cf32e2fa-0f25-11e4-885f-dc0ea10325dc

Error - 7/19/2014 5:20:47 AM | Computer Name = Pepa | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Photoshop.exe, verze: 13.0.0.0, časové razítko:
0x4f61beba Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18015, časové
razítko: 0x50b83c8a Kód výjimky: 0xc06d007e Posun chyby: 0x0000c41f ID chybujícího
procesu: 0xc90 Čas spuštění chybující aplikace: 0x01cfa332b9594358 Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe Cesta k
chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: f7341a7f-0f25-11e4-885f-dc0ea10325dc

Error - 7/19/2014 7:21:39 AM | Computer Name = Pepa | Source = WinMgmt | ID = 10
Description =

Error - 7/19/2014 7:42:52 AM | Computer Name = Pepa | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 23.0.1.4974, časové
razítko: 0x520bc252 Název chybujícího modulu: xul.dll, verze: 23.0.1.4974, časové
razítko: 0x520bc166 Kód výjimky: 0xc0000005 Posun chyby: 0x0017af08 ID chybujícího
procesu: 0x1384 Čas spuštění chybující aplikace: 0x01cfa3467e728284 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: d06e0ba0-0f39-11e4-9649-dc0ea10325dc

Error - 7/20/2014 2:30:38 AM | Computer Name = Pepa | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 3/12/2012 7:50:13 AM | Computer Name = Pepik-PC | Source = MCUpdate | ID = 0
Description = 12:50:09 - Chyba při připojování k Internetu 12:50:10 - Nelze kontaktovat
server..

Error - 3/28/2012 1:00:19 AM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 7:00:19 - Chyba při připojování k Internetu 7:00:19 - Nelze kontaktovat
server..

Error - 3/28/2012 1:00:32 AM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 7:00:24 - Chyba při připojování k Internetu 7:00:24 - Nelze kontaktovat
server..

Error - 7/9/2012 1:19:41 AM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 7:19:41 - Chyba při připojování k Internetu 7:19:41 - Nelze kontaktovat
server..

Error - 7/21/2012 4:34:52 PM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 22:34:51 - Chyba při připojování k Internetu 22:34:51 - Nelze kontaktovat
server..

Error - 7/21/2012 5:34:59 PM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 23:34:59 - Chyba při připojování k Internetu 23:34:59 - Nelze kontaktovat
server..

Error - 7/21/2012 6:35:21 PM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 0:35:20 - Chyba při připojování k Internetu 0:35:21 - Nelze kontaktovat
server..

Error - 7/23/2012 1:13:38 PM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 19:13:38 - Chyba při připojování k Internetu 19:13:38 - Nelze kontaktovat
server..

Error - 7/28/2012 2:44:13 AM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 8:44:13 - Chyba při připojování k Internetu 8:44:13 - Nelze kontaktovat
server..

Error - 8/7/2012 1:38:05 AM | Computer Name = Pepa | Source = MCUpdate | ID = 0
Description = 7:38:05 - Chyba při připojování k Internetu 7:38:05 - Nelze kontaktovat
server..

[ OSession Events ]
Error - 1/9/2012 2:05:21 PM | Computer Name = Pepik-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 798 seconds with 540 seconds of active time. This session ended with a crash.

Error - 1/9/2012 2:08:19 PM | Computer Name = Pepik-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 155 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/19/2014 1:57:47 AM | Computer Name = Pepa | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 7/19/2014 2:04:35 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 7/19/2014 2:08:11 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 7/19/2014 2:08:20 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 7/19/2014 2:09:29 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 7/19/2014 6:48:34 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 7/19/2014 6:49:03 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 7/19/2014 6:49:09 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 7/19/2014 7:21:17 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 7/20/2014 2:29:54 AM | Computer Name = Pepa | Source = Service Control Manager | ID = 7000
Description = Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku
následující chyby: %%1058

< End of report >

#21 Příspěvek od **Márty84** » 20 črc 2014 13:11

Jak to delate? Vy jste tesne po pouziti ComboFixu natahal do pc novou havet

Zopakujte ADWCleaner a MBAM

Polska Pasha · #22 Příspěvek od **Polska Pasha** » 20 črc 2014 17:00

Log z ADwcleaneru:
# AdwCleaner v3.216 - Report created 20/07/2014 at 14:26:51
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Pepik - PEPA
# Running from : C:\Users\Pepik\Desktop\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : IePluginServices

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Norpalla
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\Pepik\AppData\Local\Temp\Norpalla
Folder Deleted : C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\Extensions\faststartff@gmail.com

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\Software\omiga-plusSoftware
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWindowsMangerProtect

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16470

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "omiga-plus");
Line Deleted : user_pref("browser.search.selectedEngine", "omiga-plus");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1405768396&from=epom2&uid=WDCXWD5000BPVT-22HXZT3_WD-WX71E71ZJ863ZJ863");

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CA0E16DE2B38EC0E&affID=120695&tsp=4961
Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405768396&from=epom2&uid=WDCXWD5000BPVT-22HXZT3_WD-WX71E71ZJ863ZJ863&q={searchTerms}
Deleted [Homepage] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1405768396&from=epom2&uid=WDCXWD5000BPVT-22HXZT3_WD-WX71E71ZJ863ZJ863

*************************

AdwCleaner[R0].txt - [56358 octets] - [02/05/2014 14:04:06]
AdwCleaner[R1].txt - [56369 octets] - [04/05/2014 12:24:42]
AdwCleaner[R2].txt - [56430 octets] - [04/05/2014 12:30:03]
AdwCleaner[R3].txt - [7353 octets] - [29/06/2014 11:31:48]
AdwCleaner[R4].txt - [2466 octets] - [17/07/2014 21:40:49]
AdwCleaner[R5].txt - [6208 octets] - [20/07/2014 14:25:34]
AdwCleaner[S0].txt - [56988 octets] - [04/05/2014 12:35:05]
AdwCleaner[S1].txt - [7234 octets] - [29/06/2014 11:33:36]
AdwCleaner[S2].txt - [2421 octets] - [17/07/2014 21:43:42]
AdwCleaner[S3].txt - [4862 octets] - [20/07/2014 14:26:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [4922 octets] ##########

Log z MBAMu:
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 20.7.2014
Čas skenování: 14:31:38
Protokol: log.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.07.20.03
Databáze rootkitů: v2014.07.17.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Pepik

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 679333
Uplynulý čas: 3 hod, 24 min, 11 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 8
PUP.Optional.Norpalla.A, HKLM\SOFTWARE\WOW6432NODE\Norpalla, , [9d269f02a5d6c670a751c61a47bb956b],
PUP.Optional.Norpalla.A, HKU\S-1-5-21-2289079560-4057469565-1523236124-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Norpalla, , [467d267b2c4f0b2bf502b9275aa86799],
PUP.Optional.Norpalla.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{78f5a1e7-dd0d-49f9-871b-1889c9729861}, , [ac1769386d0e56e046ea03ab21e3da26],
PUP.Optional.Norpalla.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{78F5A1E7-DD0D-49F9-871B-1889C9729861}, , [ac1769386d0e56e046ea03ab21e3da26],
PUP.Optional.Norpalla.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{b82d8129-4741-4cbb-8694-aaf760950746}, , [ac1769386d0e56e046ea03ab21e3da26],
PUP.Optional.Norpalla.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{940C7ED6-C01D-4EC2-A399-E1CDBC6AEF47}, , [ac1769386d0e56e046ea03ab21e3da26],
PUP.Optional.Norpalla.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{940C7ED6-C01D-4EC2-A399-E1CDBC6AEF47}, , [ac1769386d0e56e046ea03ab21e3da26],
PUP.Optional.Norpalla.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{b82d8129-4741-4cbb-8694-aaf760950746}, , [ac1769386d0e56e046ea03ab21e3da26],

Hodnoty registru: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-2289079560-4057469565-1523236124-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [843f71303249e5517ea2a71f10f29e62]

Data registru: 5
PUP.Optional.ISearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://isearch.omiga-plus.com/web/?type ... earchTerms}, Dobré: (www.google.com), Špatné: (http://isearch.omiga-plus.com/web/?type ... earchTerms}),,[d5eef9a88ceff24472dad9c6c73d12ee]
PUP.Optional.ISearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://isearch.omiga-plus.com/web/?type ... earchTerms}, Dobré: (www.google.com/), Špatné: (http://isearch.omiga-plus.com/web/?type ... earchTerms}),,[12b19809dc9f81b571dec6d90bf90ef2]
PUP.Optional.ISearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://isearch.omiga-plus.com/web/?type ... earchTerms}, Dobré: (www.google.com), Špatné: (http://isearch.omiga-plus.com/web/?type ... earchTerms}),,[a0232a77c3b8d363ae9fc1de4cb84eb2]
PUP.Optional.ISearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://isearch.omiga-plus.com/web/?type ... earchTerms}, Dobré: (www.google.com/), Špatné: (http://isearch.omiga-plus.com/web/?type ... earchTerms}),,[e7dc3968d5a62511d37d8f109371e11f]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[388b61403e3dc96d3abd00a9966ec53b]

Složky: 0
(No malicious items detected)

Soubory: 14
PUP.Optional.Norpalla.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Norpalla\NorpallaBHO.dll.vir, , [5c674a57b4c782b4ba96c9a5936e619f],
PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir, , [7350bae7ed8e7abc4f62d0bd8e737090],
PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir, , [992a920f2d4e73c3159cd9b4c839d42c],
PUP.Optional.IEPluginService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir, , [ffc4fba66b10979ff8ebff7138c9a65a],
PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir, , [8e35aaf76e0da0968d24eca1a160d42c],
PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir, , [14af8d1493e8a98dae03bad3a160e719],
PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir, , [6e55ebb64635c670570d401e09f840c0],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir, , [457e1a873e3dca6c4b1bc07558a8a15f],
PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir, , [b013cdd4aad14ee8d391a8b6b24fb050],
PUP.Optional.WPM.A, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, , [16ada8f9a8d31d1999c4dfb289786f91],
PUP.Optional.SearchHijacker.A, C:\Users\Pepik\AppData\Local\Temp\epom2_nationzoom_20131128171912.exe, , [497a5f42de9dd462e3105348bc4519e7],
PUP.Optional.MultiPlug, C:\Users\Pepik\AppData\Local\Temp\trzA549.tmp, , [794a911082f9e84ed87f2e6fe31e22de],
PUP.Optional.Preload, C:\Users\Pepik\Downloads\trzEF4F.tmp, , [467deab7007b8da942576436738ee818],
PUP.Optional.Norpalla.A, C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\firefox@norpalla.com.xpi, , [ccf79a073d3eff37bf147ba6af5558a8],

Fyzické sektory: 0
(No malicious items detected)

(end)

#23 Příspěvek od **Márty84** » 20 črc 2014 17:53

Vsechny nalezy MBAM hodte do karanteny a restartujte pc.

Napiste mi velikost adresare plochy (C:\Users\Pepik\Desktop)

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Program Files (x86)\Mozilla Firefox\searchplugins\omiga-plus.xml
C:\Program Files (x86)\SupTab
C:\Program Files (x86)\Norpalla

:otl
FF - prefs.js..browser.search.defaultenginename: "omiga-plus"
FF - prefs.js..browser.search.selectedEngine: "omiga-plus"
FF - prefs.js..browser.startup.homepage: "http://isearch.omiga-plus.com/?type=hp&ts=1405768396&from=epom2&uid=WDCXWD5000BPVT-22HXZT3_WD-WX71E71ZJ863ZJ863"
FF - prefs.js..extensions.enabledAddons: firefox%40norpalla.com:1.0.1
[2014/02/28 23:25:42 | 000,008,575 | ---- | M] () (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\firefox\profiles\6icesh4i.default\extensions\firefox@norpalla.com.xpi
[2014/07/19 13:13:16 | 000,000,581 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\omiga-plus.xml
CHR - homepage: http://isearch.omiga-plus.com/?type=hp& ... ZJ863ZJ863
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
O2 - BHO: (Norpalla) - {78f5a1e7-dd0d-49f9-871b-1889c9729861} - C:\Program Files (x86)\Norpalla\NorpallaBHO.dll (Norpalla)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O15 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014/07/19 13:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices
[2014/07/19 13:13:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/07/19 13:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect
[2014/07/19 13:12:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2014/07/19 13:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norpalla
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[59 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78f5a1e7-dd0d-49f9-871b-1889c9729861}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTV] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Finder] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloaderUltimate] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^NHL® 09 Registration.lnk] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Assassin.LNK] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ubisoft register.lnk] /64

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Polska Pasha · #24 Příspěvek od **Polska Pasha** » 20 črc 2014 19:22

Zdravim,mam problem.Kdyz to OTL zapnu a dam opravit tak mi to zamrzne a nic s tim nejde dělat co s tim?

#25 Příspěvek od **Márty84** » 20 črc 2014 19:28

Provedte to v nouzovem rezimu

Polska Pasha · #26 Příspěvek od **Polska Pasha** » 20 črc 2014 19:32

V nouzovem rezimu sem to zapnul

#27 Příspěvek od **Márty84** » 20 črc 2014 19:33

A urcite je to zamrzle? Hodi to nejakou hlasku?

Polska Pasha · #28 Příspěvek od **Polska Pasha** » 20 črc 2014 19:35

Pise mi to ze to neodpovida a s pocitacem se neda nic delat a OTL se proste sekne.

#29 Příspěvek od **Márty84** » 20 črc 2014 19:55

Zkuste to jeste jednou, s timto upravenym skriptem.

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Program Files (x86)\Mozilla Firefox\searchplugins\omiga-plus.xml
C:\Program Files (x86)\SupTab
C:\Program Files (x86)\Norpalla

:otl
FF - prefs.js..browser.search.defaultenginename: "omiga-plus"
FF - prefs.js..browser.search.selectedEngine: "omiga-plus"
FF - prefs.js..browser.startup.homepage: "http://isearch.omiga-plus.com/?type=hp&ts=1405768396&from=epom2&uid=WDCXWD5000BPVT-22HXZT3_WD-WX71E71ZJ863ZJ863"
FF - prefs.js..extensions.enabledAddons: firefox%40norpalla.com:1.0.1
[2014/02/28 23:25:42 | 000,008,575 | ---- | M] () (No name found) -- C:\Users\Pepik\AppData\Roaming\mozilla\firefox\profiles\6icesh4i.default\extensions\firefox@norpalla.com.xpi
[2014/07/19 13:13:16 | 000,000,581 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\omiga-plus.xml
CHR - homepage: http://isearch.omiga-plus.com/?type=hp& ... ZJ863ZJ863
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\Pepik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
O1 - Hosts: 178.217.187.203 master.serwery.wiaderko.com
O2 - BHO: (Norpalla) - {78f5a1e7-dd0d-49f9-871b-1889c9729861} - C:\Program Files (x86)\Norpalla\NorpallaBHO.dll (Norpalla)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O15 - HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014/07/19 13:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices
[2014/07/19 13:13:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/07/19 13:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect
[2014/07/19 13:12:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2014/07/19 13:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norpalla
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[59 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78f5a1e7-dd0d-49f9-871b-1889c9729861}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTV] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Finder] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloaderUltimate] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^NHL® 09 Registration.lnk] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Assassin.LNK] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ubisoft register.lnk] /64

Polska Pasha · #30 Příspěvek od **Polska Pasha** » 21 črc 2014 08:20

Tak tentokrat mi to jede 2 sekundy a pak mi najede modra obrazovka

VIRY.CZ

Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka