VIRY.CZ

Nějak narostlo využití RAM, stdrt si bralo něco přes 600 mb, tak jsem ho přes správce vypl.

Udelejte znovu prosim SystemLook

SystemLook 30.07.11 by jpshortstuff
Log created at 18:02 on 22/05/2012 by Jakub
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "stdrt.exe"
C:\Windows\Temp\mrt931A.tmp\stdrt.exe --a---- 372736 bytes [13:15 22/05/2012] [13:15 22/05/2012] 5413B1A323F0837A01821FEA3CB2A5A2
C:\Windows\Temp\mrtA17C.tmp\stdrt.exe --a---- 372736 bytes [12:38 22/05/2012] [12:38 22/05/2012] 5413B1A323F0837A01821FEA3CB2A5A2
C:\_OTM\MovedFiles\05222012_143546\C_Windows\temp\mrt9C00.tmp\stdrt.exe --a---- 372736 bytes [12:10 22/05/2012] [12:10 22/05/2012] 5413B1A323F0837A01821FEA3CB2A5A2

-= EOF =-

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

C:\Windows\Temp\mrt931A.tmp\stdrt.exe
C:\Windows\Temp\mrtA17C.tmp\stdrt.exe
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

cože nic to nenašlo? nejak to nechapu

https://www.virustotal.com/file/7766978 ... 337704658/
https://www.virustotal.com/file/7766978 ... 337704826/

Co jsem nasel, tak muze mit neco spolecneho i s legitimnim .NET Frameworkem

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

hotovo ale nevsiml jsem si zadne zmeny

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

OTL Extras logfile created on: 23.5.2012 1:00:13 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jakub\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,54 Gb Available Physical Memory | 63,53% Memory free
7,99 Gb Paging File | 6,14 Gb Available in Paging File | 76,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60,74 Gb Total Space | 17,41 Gb Free Space | 28,67% Space Free | Partition Type: NTFS
Drive D: | 534,86 Gb Total Space | 304,77 Gb Free Space | 56,98% Space Free | Partition Type: NTFS
Drive G: | 5,41 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: JAKUB-PC | User Name: Jakub | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.txt[@ = Word Reader-TXT] -- Reg Error: Key error. File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.txt [@ = Word Reader-TXT] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04583AD4-D3A1-4CF4-B1C2-53729B8465BD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{069708A2-79CE-4159-B9E8-CB398BA1D9C9}" = rport=445 | protocol=6 | dir=out | app=system |
"{0CDDD3FB-3770-4D68-A810-BE8D874D59DD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{12DD605F-EC67-4CEA-AD24-9817AB291DC4}" = rport=137 | protocol=17 | dir=out | app=system |
"{193BEC28-61E6-47A2-8446-D0D731A7C490}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1F90029F-7FFB-49BF-929C-68C8EF622619}" = rport=138 | protocol=17 | dir=out | app=system |
"{29E3FCEA-1C01-4B30-991F-8B1F32C21D01}" = lport=138 | protocol=17 | dir=in | app=system |
"{36E61271-E8ED-41FA-9D0F-7C7F10235C77}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{57E8C952-9D1B-4791-9C88-90C7421DE0B2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{71C5318C-3D23-467A-9560-309DD20C86D7}" = lport=445 | protocol=6 | dir=in | app=system |
"{76B8A396-42AC-46DF-871A-5C7BFDD7E5BA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{92F4D668-CD62-4427-833E-6CCF6B6AFC1F}" = lport=137 | protocol=17 | dir=in | app=system |
"{9FFFD69B-3737-448A-9EBF-D089399B245C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A2751245-78E8-438B-8EFA-10473022835D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AFDC0172-47C6-4853-AC98-9F609B16BED1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B15568AF-C2DC-4B0C-BCBC-540C1A3FECB6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BAB94530-29BD-49C6-93EA-287345E206E9}" = rport=139 | protocol=6 | dir=out | app=system |
"{C48B4BD5-4E96-4CE2-90DA-8F25B1D392B2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CF578EF7-2F85-4274-B0E9-D4AE9D19C593}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D2452790-C66D-4D7D-8FAA-20197E4C88CA}" = lport=139 | protocol=6 | dir=in | app=system |
"{EC7C7F71-F2F0-49BA-9FB1-E550C9FDEAF4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B76AC8-D4AE-4CBF-90AA-6BAA86CFC879}" = protocol=58 | dir=in | app=system |
"{05110407-9438-472D-9F73-4977EB0B6622}" = protocol=17 | dir=in | app=d:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"{0C4DB9EA-6DBA-4499-BF64-98A04C88EC8F}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{156F5699-3E57-4A2A-B1BF-991AB2070B65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1B5E5DF0-6154-4EF2-A4D1-C884B9B183F5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1BD88DA0-02FA-4AC7-A960-DC38A3DA61A3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1C5A4B63-BEB0-45A6-BD8A-39F8F9041AAE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2554CF52-23C2-4860-9410-CBAC23A5A87F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2569B293-1D71-412C-842B-9F38F3431B86}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2950BB4E-790C-49D6-8AC6-7D275E0170D5}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{302A97F9-CA6A-40F0-91EE-EE0B8A88C09B}" = protocol=6 | dir=in | app=c:\users\jakub\appdata\local\akamai\netsession_win.exe |
"{3D6073A9-4997-4EF0-9FEE-6FCA2ED898C2}" = protocol=6 | dir=in | app=d:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"{43A93A04-F58F-43B4-959C-EA6A760A9791}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{46DDD4A4-8A95-4ECE-90BD-0B29092DE58C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4CEF884A-E60F-4F6C-A060-5C0A7B2EAE22}" = protocol=17 | dir=in | app=d:\program files (x86)\1c company\off-road drive\binaries\win32\shippingpc-pp3workgame.exe |
"{4DA0D2D6-8633-4620-A0CC-281355B8ABCF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4EC4BD3C-E9A1-4024-9868-E32EB6C49A4E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4F5C8179-65ED-4012-8A39-A332E39ED26B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{56C3E914-C460-4A70-BDE6-FC97F2DCB620}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{63176603-CAEA-43A2-B3C3-3632C95EE0A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{64A75B71-C5DF-4D9B-9164-2FC5C594470C}" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{6504CD7D-ED19-47BB-8496-4E5209BF811E}" = protocol=6 | dir=out | app=system |
"{7E761DED-E5F8-4275-A84D-B3CA06D2017D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7E7D21B3-99AE-42E3-888A-E73F2B50C311}" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{96E7C91B-C2C1-4094-BBDF-E4907E1E1AAD}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{AB207026-6524-47CE-B6AF-F775A0BBB10F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB8642B8-6A91-43A2-86C7-1902AB6E0B12}" = protocol=6 | dir=in | app=d:\program files (x86)\1c company\off-road drive\binaries\win32\shippingpc-pp3workgame.exe |
"{AE6426B1-EA98-4055-B3C1-F323C9FE9BB1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B07A87A2-A0B8-4493-8FF1-33CDE2CE0E21}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B80D1BC1-8CFD-42BD-AA18-2FBA5DA69C0B}" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{B80D6846-5025-4BE5-B5CB-498F19CB8481}" = protocol=17 | dir=in | app=d:\utorrent\utorrent.exe |
"{BE498438-0910-4835-99D3-D14B3867583E}" = protocol=17 | dir=in | app=c:\users\jakub\appdata\local\akamai\netsession_win.exe |
"{C20126E4-618E-43D3-A443-EFBD12665C62}" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{C68484EA-A517-4CC4-82BC-A0ACF1A2CBEA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DC83F52C-E3D1-4A25-B28D-A22619B8E287}" = protocol=6 | dir=in | app=d:\utorrent\utorrent.exe |
"{E75F454A-56F0-4E4A-9BD5-E41F461FB924}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0518AE14-0D20-4638-B71D-7854515FE095}D:\program files (x86)\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\valve\portal 2\portal2.exe |
"TCP Query User{14D5B473-0FD9-4C1D-8637-266FBD0A0605}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{432DD5D0-A8B1-425D-9A86-B82DCDA74DD0}D:\program files (x86)\fifa 12 [multi5] cz\fifa 12 [multi5] cz\game\fifa.exe" = protocol=6 | dir=in | app=d:\program files (x86)\fifa 12 [multi5] cz\fifa 12 [multi5] cz\game\fifa.exe |
"TCP Query User{484FAF66-4B05-4505-96BE-A56267436B9A}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{57B43267-B0BA-4AAD-A289-C7039C7382DE}D:\program files (x86)\tmunitedforever\tmforever.exe" = protocol=6 | dir=in | app=d:\program files (x86)\tmunitedforever\tmforever.exe |
"TCP Query User{73C19545-F6B2-4D95-A6C3-B9B9D3070EED}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{7D6C333A-F1C0-43B9-8E4C-E99FEC7D1CAA}D:\program files (x86)\1c company\off-road drive\binaries\win32\shippingpc-pp3workgame.exe" = protocol=6 | dir=in | app=d:\program files (x86)\1c company\off-road drive\binaries\win32\shippingpc-pp3workgame.exe |
"TCP Query User{7FC1177B-FD2B-401F-9EC5-670078C39FC2}D:\program files (x86)\codemasters\dirt 3\dirt3_game.exe" = protocol=6 | dir=in | app=d:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"TCP Query User{CF873332-F304-47E2-941B-6A20096A80F8}D:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{D36B8F5A-F347-47AB-BE29-894721F23CC8}C:\users\jakub\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\jakub\appdata\local\akamai\netsession_win.exe |
"TCP Query User{EA31B13D-E7FD-4099-8AEF-D8EEA294301D}D:\hry\trackmania 2\maniaplanet.exe" = protocol=6 | dir=in | app=d:\hry\trackmania 2\maniaplanet.exe |
"UDP Query User{305CDFE8-B0DB-4992-841B-59CE1A719A81}D:\program files (x86)\1c company\off-road drive\binaries\win32\shippingpc-pp3workgame.exe" = protocol=17 | dir=in | app=d:\program files (x86)\1c company\off-road drive\binaries\win32\shippingpc-pp3workgame.exe |
"UDP Query User{7264AFCE-AD27-4FDA-B53A-6FA38416F2D2}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{755C2529-A8D6-4BF1-9D28-6FA56CC8143B}D:\hry\trackmania 2\maniaplanet.exe" = protocol=17 | dir=in | app=d:\hry\trackmania 2\maniaplanet.exe |
"UDP Query User{8020CDEA-8196-49B5-81CF-0EF0B24D4A8E}C:\users\jakub\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\jakub\appdata\local\akamai\netsession_win.exe |
"UDP Query User{8D5A0ADF-848A-48DA-AD60-FF0575C3BD97}D:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{C641DF6F-F990-4A77-A436-03BC077A5334}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{E75484AB-1D13-432A-8AF8-91446A32575C}D:\program files (x86)\codemasters\dirt 3\dirt3_game.exe" = protocol=17 | dir=in | app=d:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"UDP Query User{F306A8F9-F8A0-4960-8CAB-505264770E3E}D:\program files (x86)\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\valve\portal 2\portal2.exe |
"UDP Query User{F40AB147-D867-422C-8CFC-65BAFE45FF72}D:\program files (x86)\fifa 12 [multi5] cz\fifa 12 [multi5] cz\game\fifa.exe" = protocol=17 | dir=in | app=d:\program files (x86)\fifa 12 [multi5] cz\fifa 12 [multi5] cz\game\fifa.exe |
"UDP Query User{F525DE0B-DEB4-435C-B669-6D81F0641E31}D:\program files (x86)\tmunitedforever\tmforever.exe" = protocol=17 | dir=in | app=d:\program files (x86)\tmunitedforever\tmforever.exe |
"UDP Query User{FE179BBD-09C0-4930-8594-F97D11020EE5}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1111706F-666A-4037-7777-210648764D10}" = JavaFX 2.1.0 (64-bit)
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2222706F-666A-4037-7777-210648764D10}" = JavaFX 2.1.0 SDK (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86416031FF}" = Java(TM) 6 Update 31 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5F352F3C-160B-713A-A031-18293EC4CA5A}" = AMD Media Foundation Decoders
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170040}" = Java SE Development Kit 7 Update 4 (64-bit)
"{78E9970B-4395-61A6-B912-1CC406174773}" = AMD Catalyst Install Manager
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7A80B61A-72A1-7800-C4B0-855F056243DA}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{96F12D74-C53F-6276-73CB-851E73482270}" = AMD Drag and Drop Transcoding
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C4171DD9-EED6-2613-312A-FC8E168E7C3B}" = AMD Accelerated Video Transcoding
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{F07AB5E8-014A-5983-A054-E70B828BC42D}" = AMD Fuel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02480932-C787-4634-9FF6-483EC2E3FB16}" = MUD - FIM Motocross World Championship
"{05DCB19F-234A-7E88-522D-4C90F3D501EE}" = CCC Help Chinese Standard
"{0825DB8F-54A6-1964-3E8E-D9548777447E}" = CCC Help Greek
"{0B0116D6-60DD-9DDB-39A3-B9E82EB82FFA}" = CCC Help Finnish
"{0D6F13C8-83EE-5B1E-AFA2-D048118F8E17}" = CCC Help Swedish
"{0E9E7F27-15EA-C664-796F-BF0B51FAA8D2}" = CCC Help Danish
"{1204BC47-3822-B05A-ED32-987F3653A954}" = Catalyst Control Center Graphics Previews Common
"{1577F264-A7FC-5A53-823B-D1EDF32D611D}" = CCC Help Japanese
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26C5D4C6-E7EC-64B2-E119-549D9B271820}" = CCC Help Turkish
"{28241D8C-C149-57A3-9659-6C1C2F3588C5}" = CCC Help Czech
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{32C09AEA-BCAE-4595-0A9E-1DA30A0CA936}" = CCC Help English
"{3880E12E-99E8-0191-B947-498F87E360E1}" = CCC Help Korean
"{3C8BD1B0-5E91-573D-A5F5-B80430D30436}" = CCC Help Spanish
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{4026AEE5-528D-72E8-9A23-C51C7EBCB124}" = CCC Help Norwegian
"{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}" = Ballance
"{434D0FA0-1558-4D8E-AC3D-BD1000008400}" = DiRT 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B8FD0B6-CFC9-E468-357C-E6EAA83EE2EB}" = CCC Help German
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53A5DF5E-E0B2-64D7-9908-500B590B0C7F}" = CCC Help Polish
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{59C45031-B4B1-EAA3-01B3-23FF59A1DDB5}" = CCC Help Thai
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73A0F8AC-61F6-4C86-D448-7EB8C066A0F3}" = CCC Help French
"{75430901-2556-AAAF-C31A-CB35BEE5DB71}" = CCC Help Hungarian
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{8651BEDC-F331-8263-B856-696194F55B9A}" = CCC Help Russian
"{8D4F1C64-4E17-9532-E0DC-A08E2A7A7502}" = CCC Help Chinese Traditional
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD17B01-2356-455D-5397-1BED89DFA07F}" = CCC Help Dutch
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AEF59382-3FF1-4EBF-A93E-CCC474DCEA3F}_is1" = Bau-Simulator 2012 Version 1.0
"{B17E235C-7A3B-4482-B650-21FFDE1D452E}" = Empire Earth III
"{BA0D0121-A3BA-487D-9C78-7AB0E676C722}" = Miroslav Philharmonik
"{BB87040F-C72D-69D8-356B-F7ABE8FD792E}" = CCC Help Portuguese
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{C4625A3D-F9A3-D5F4-F60F-2BB24DCC1C01}" = AMD VISION Engine Control Center
"{C9CF43F4-CFFA-629E-C2EF-D5F330D593F4}" = Catalyst Control Center InstallProxy
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet
"{D1F1E4D2-D2D3-4391-92EF-F63A79A67B36}" = MUD - FIM Motocross World Championship
"{DFDDBC6C-54F0-A526-40C5-E3DC41BD4098}" = CCC Help Italian
"{E19490CD-5380-4F37-B0A7-624D635605DC}" = Catalyst Control Center - Branding
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}" = Alcor Micro USB Card Reader
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F06119B1-23C6-8EB7-D8B9-1EDBAC8B254A}" = Catalyst Control Center Localization All
"{F1100000-0011-0000-0001-074957833700}" = ABBYY FineReader 11
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"{FCFCFCFC-FCFC-FCFC-FCFC-FCFCFCFCFCFC}_is1" = DiRT 3 Profile Import version 1.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"Bejeweled 31.0" = Bejeweled 3
"Crazy Machines Elements_is1" = 1.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"East West EWQLSO Gold Edition" = East West EWQLSO Gold Edition
"East West Stormdrum Kompakt" = East West Stormdrum Kompakt
"Edirol HQ Orchestral v1.01" = Edirol HQ Orchestral v1.01
"FL Studio 10" = FL Studio 10
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008400}" = DiRT 3
"Google Chrome" = Google Chrome
"Gordon's Gate Flash Driver" = Gordon's Gate Flash Driver 2.2.0.5
"Chameleon Shutdown" = Chameleon Shutdown 1.0
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}" = Alcor Micro USB Card Reader
"LManager" = Launch Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.61.0.1400
"Monster Garage" = Monster Garage
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Absynth 4" = Native Instruments Absynth 4
"Native Instruments Akoustik Piano" = Native Instruments Akoustik Piano
"Native Instruments B4 II" = Native Instruments B4 II
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Elektrik Piano 1.5" = Native Instruments Elektrik Piano 1.5
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Komplete 5" = Native Instruments Komplete 5
"Native Instruments Kontakt 3" = Native Instruments Kontakt 3
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Pro-53" = Native Instruments Pro-53
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"Postal 2_is1" = Portal 2
"Rainmeter" = Rainmeter
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"RocketDock_is1" = RocketDock 1.3.5
"Skoki Narciarskie 2006" = Skoki Narciarskie 2006
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"Steinberg Hypersonic VSTi DXi_is1" = Steinberg Hypersonic VSTi DXi v2.0
"Summer Athletics 2009_is1" = Summer Athletics 2009
"TmNationsForever_is1" = TmNationsForever
"TmUnitedForever_is1" = TmUnitedForever
"Totalcmd" = Total Commander (Remove or Repair)
"Tower Bloxx Deluxe1.0" = Tower Bloxx Deluxe
"TrackMania 2_is1" = TrackMania 2
"Trucks & Trailers" = Trucks & Trailers 1.00
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.0

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Se vam to nejak zacyklilo a Extras tu byl asi 5x, tak jsem je odmaznul...Ale OTL.txt tu nebyl ani jednou, takze o nej poprosim

A taktez poprosim o screen te mrchy co je vedle hlasitosti, jak jsem psal do PMky

OTL logfile created on: 23.5.2012 1:00:13 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jakub\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,54 Gb Available Physical Memory | 63,53% Memory free
7,99 Gb Paging File | 6,14 Gb Available in Paging File | 76,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60,74 Gb Total Space | 17,41 Gb Free Space | 28,67% Space Free | Partition Type: NTFS
Drive D: | 534,86 Gb Total Space | 304,77 Gb Free Space | 56,98% Space Free | Partition Type: NTFS
Drive G: | 5,41 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: JAKUB-PC | User Name: Jakub | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.05.23 00:57:33 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jakub\Desktop\OTL.exe
PRC - [2012.05.23 00:49:41 | 000,372,736 | ---- | M] ( ) -- C:\Windows\Temp\mrtB106.tmp\stdrt.exe
PRC - [2012.05.15 20:04:52 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.22 19:11:20 | 000,818,952 | ---- | M] (ABBYY) -- D:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
PRC - [2010.03.03 22:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.03.03 22:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.03.03 22:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe

========== Modules (No Company Name) ==========

MOD - [2012.05.09 05:04:52 | 000,441,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppgooglenaclpluginchrome.dll
MOD - [2012.05.09 05:04:51 | 003,921,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
MOD - [2012.05.09 05:03:36 | 000,553,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libglesv2.dll
MOD - [2012.05.09 05:03:35 | 000,117,744 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libegl.dll
MOD - [2012.05.09 05:03:25 | 000,134,656 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avutil-51.dll
MOD - [2012.05.09 05:03:24 | 000,250,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avformat-54.dll
MOD - [2012.05.09 05:03:23 | 002,375,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll
MOD - [2012.05.09 04:09:13 | 008,743,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
MOD - [2009.05.20 15:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
MOD - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012.03.10 08:31:19 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2012.02.15 05:13:00 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.02.14 23:16:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.04.07 17:37:16 | 005,352,960 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2010.03.17 20:03:56 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.05.22 19:25:11 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.15 20:04:52 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.04.21 08:39:30 | 000,905,154 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysWOW64\lnsecsl.exe -- (Adobe Licensing Console)
SRV - [2012.04.21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.02.28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.22 19:11:20 | 000,818,952 | ---- | M] (ABBYY) [Auto | Running] -- D:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.11.0)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.03 22:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.14 19:23:00 | 000,147,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.03.10 09:10:55 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.10 08:31:19 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012.03.10 08:31:19 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 05:48:32 | 010,856,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.02.15 04:13:12 | 000,327,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.01.03 23:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2011.12.05 21:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.03.09 07:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.01.18 16:38:00 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.12.22 03:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.08.23 18:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.08 15:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.04.06 09:13:46 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2009.04.06 09:13:46 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007.05.14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... e4004edba0
IE - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.22 13:35:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.05.22 13:35:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jakub\AppData\Roaming\Mozilla\Extensions
[2012.05.22 13:35:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.21 05:17:43 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.04.21 05:17:43 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.04.21 05:17:44 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.04.21 05:17:44 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.04.21 05:17:44 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - Extension: YouTube = C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.05.22 14:36:04 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Broadcom Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Bonus.SSR.FR11] D:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe (ABBYY.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000..\Run: [Akamai NetSession Interface] "C:\Users\Jakub\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.4.1)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFD2CFF7-FC72-44FD-9BE6-E31FE12CF6A3}: DhcpNameServer = 62.129.50.20 85.135.32.100
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.29 11:55:00 | 000,419,088 | R--- | M] (Electronic Arts) - G:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2009.08.26 19:25:38 | 000,000,000 | R--D | M] - G:\Autorun -- [ UDF ]
O32 - AutoRun File - [2009.08.26 18:37:54 | 024,725,504 | R--- | M] () - G:\autorun.dat -- [ UDF ]
O32 - AutoRun File - [2009.08.26 19:25:34 | 000,000,148 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.05.23 00:57:42 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Jakub\Desktop\OTL.exe
[2012.05.22 23:07:34 | 000,000,000 | ---D | C] -- C:\Users\Jakub\Documents\NHL09
[2012.05.22 19:25:04 | 008,769,696 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.05.22 19:18:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012.05.22 18:48:39 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.05.22 15:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.22 15:17:55 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.05.22 15:17:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.05.22 14:07:56 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.05.22 14:06:51 | 000,523,264 | ---- | C] (OldTimer Tools) -- C:\Users\Jakub\Desktop\OTM.exe
[2012.05.22 13:35:09 | 000,000,000 | ---D | C] -- C:\Users\Jakub\AppData\Local\Mozilla
[2012.05.22 13:35:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.05.22 13:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.05.22 13:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.05.22 09:29:47 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.05.22 09:12:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.05.22 09:12:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.05.22 09:12:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.05.22 09:12:04 | 004,501,379 | R--- | C] (Swearware) -- C:\Users\Jakub\Desktop\ComboFix.exe
[2012.05.19 01:31:16 | 000,000,000 | ---D | C] -- C:\Users\Jakub\AppData\Roaming\Pogo
[2012.05.19 01:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Pogo
[2012.05.19 01:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2012.05.19 01:11:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74

========== Files - Modified Within 7 Days ==========

[2012.05.23 01:05:04 | 000,020,950 | ---- | M] () -- C:\Windows\SysWow64\key.dat
[2012.05.23 01:02:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.05.23 00:57:33 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jakub\Desktop\OTL.exe
[2012.05.23 00:57:20 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.23 00:57:20 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.23 00:49:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.23 00:49:09 | 3219,886,080 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.23 00:25:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.22 20:12:25 | 001,476,590 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.22 20:12:25 | 000,633,392 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.05.22 20:12:25 | 000,618,108 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.22 20:12:25 | 000,122,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.05.22 20:12:25 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.05.22 19:25:09 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.05.22 19:25:09 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.05.22 19:25:04 | 008,769,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.05.22 15:17:56 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.05.22 14:36:04 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012.05.22 14:06:44 | 000,523,264 | ---- | M] (OldTimer Tools) -- C:\Users\Jakub\Desktop\OTM.exe
[2012.05.22 13:35:03 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.05.22 11:54:35 | 000,139,264 | ---- | M] () -- C:\Users\Jakub\Desktop\SystemLook.exe
[2012.05.22 09:14:30 | 000,001,204 | ---- | M] () -- C:\CF-Submit.htm
[2012.05.20 20:14:09 | 000,000,016 | ---- | M] () -- C:\Windows\SysWow64\w3data.vss
[2012.05.20 20:14:09 | 000,000,016 | ---- | M] () -- C:\Windows\msocreg32.dat
[2012.05.20 18:35:25 | 000,028,426 | ---- | M] () -- C:\Users\Jakub\Documents\cc_20120520_183522.reg
[2012.05.19 20:07:16 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe

========== Files Created - No Company Name ==========

[2012.05.23 01:02:31 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.22 18:48:41 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.22 15:50:03 | 000,064,835 | ---- | C] () -- C:\Windows\SysWow64\key.dat
[2012.05.22 15:17:56 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.05.22 13:35:03 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.05.22 13:35:03 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.05.22 11:54:44 | 000,139,264 | ---- | C] () -- C:\Users\Jakub\Desktop\SystemLook.exe
[2012.05.22 09:14:30 | 000,001,204 | ---- | C] () -- C:\CF-Submit.htm
[2012.05.22 09:12:29 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.05.22 09:12:29 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.05.22 09:12:29 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.05.22 09:12:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.05.22 09:12:29 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.05.20 18:35:24 | 000,028,426 | ---- | C] () -- C:\Users\Jakub\Documents\cc_20120520_183522.reg
[2012.05.15 20:04:53 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.05.15 20:04:45 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.05.14 21:26:45 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx14_ic.ini
[2012.04.21 08:39:28 | 000,905,154 | ---- | C] ( ) -- C:\Windows\SysWow64\lnsecsl.exe
[2012.03.23 20:01:42 | 000,000,080 | ---- | C] () -- C:\Users\Jakub\AppData\Local\X-Plane Installer.prf
[2012.03.16 16:57:09 | 001,495,982 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.03.10 21:06:16 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2012.03.10 08:39:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.02.15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.02.14 23:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== LOP Check ==========

[2012.05.22 11:01:12 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\.minecraft
[2012.05.20 18:13:47 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\.techniclauncher
[2012.05.06 21:22:00 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Audacity
[2012.03.24 11:18:16 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Babylon
[2012.05.20 18:11:14 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
[2012.05.02 14:36:16 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Milestone
[2012.04.15 16:43:41 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Notepad++
[2012.05.19 01:31:16 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Pogo
[2012.05.09 00:00:43 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Propellerhead Software
[2012.03.10 13:55:08 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Rainmeter
[2012.04.09 09:08:17 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Sierra Entertainment
[2012.04.29 20:53:52 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\SpinTires
[2012.03.27 21:44:08 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Steinberg
[2012.04.07 14:47:40 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Summer Athletics 2009
[2012.03.19 21:47:05 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\TunkDesign Inc
[2012.05.23 00:42:37 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\uTorrent
[2009.07.14 07:08:49 | 000,010,460 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache86\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\ERDNT\cache64\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\ERDNT\cache64\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2010.04.09 13:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2010.04.09 09:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache86\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\ERDNT\cache64\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.05.22 11:01:12 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\.minecraft
[2012.05.20 18:13:47 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\.techniclauncher
[2012.05.11 22:15:12 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\ABBYY
[2012.03.24 22:43:59 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Adobe
[2012.03.10 08:41:27 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\ATI
[2012.05.06 21:22:00 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Audacity
[2012.03.24 11:18:16 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Babylon
[2012.05.20 18:11:14 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
[2012.03.10 08:22:12 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Identities
[2012.03.10 08:31:21 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\InstallShield
[2012.03.10 09:17:03 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Macromedia
[2012.04.21 10:34:27 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Media Center Programs
[2012.05.12 00:52:21 | 000,000,000 | --SD | M] -- C:\Users\Jakub\AppData\Roaming\Microsoft
[2012.05.02 14:36:16 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Milestone
[2012.05.22 13:35:14 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Mozilla
[2012.04.15 16:43:41 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Notepad++
[2012.05.19 01:31:16 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Pogo
[2012.05.09 00:00:43 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Propellerhead Software
[2012.03.10 13:55:08 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Rainmeter
[2012.03.10 10:09:16 | 000,000,000 | RH-D | M] -- C:\Users\Jakub\AppData\Roaming\SecuROM
[2012.04.09 09:08:17 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Sierra Entertainment
[2012.05.23 00:50:48 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Skype
[2012.04.29 20:53:52 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\SpinTires
[2012.03.27 21:44:08 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Steinberg
[2012.04.07 14:47:40 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\Summer Athletics 2009
[2012.03.19 21:47:05 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\TunkDesign Inc
[2012.05.23 00:42:37 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\uTorrent
[2012.05.22 20:53:06 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\vlc
[2012.03.10 09:11:23 | 000,000,000 | ---D | M] -- C:\Users\Jakub\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012.03.10 08:56:45 | 000,278,561 | ---- | M] () -- C:\Users\Jakub\AppData\Roaming\.minecraft\Minecraft.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.05.23 00:25:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.05.22 19:25:09 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2012.05.22 19:25:09 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2012.05.22 19:25:04 | 008,769,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerInstaller.exe
[2012.05.23 01:18:21 | 000,000,105 | ---- | M] () -- C:\Windows\system32\get.dat
[2012.05.23 01:17:52 | 000,063,809 | ---- | M] () -- C:\Windows\system32\key.dat
[2012.05.20 20:14:09 | 000,000,016 | ---- | M] () -- C:\Windows\system32\w3data.vss

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RocketDock" = "C:\Program Files (x86)\RocketDock\RocketDock.exe" -- [2007.09.02 14:58:52 | 000,495,616 | ---- | M] ()
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.02.13 10:06:56 | 003,481,408 | ---- | M] (DT Soft Ltd)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.04.05 11:41:28 | 017,356,424 | R--- | M] (Skype Technologies S.A.)
"Akamai NetSession Interface" = "C:\Users\Jakub\AppData\Local\Akamai\netsession_win.exe"

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.04.21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.03.10 08:44:04 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.05.09 05:04:54 | 001,240,048 | ---- | M] (Google Inc.) MD5=A7F80FD4BA188EE39735FFA90D338ABA -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.05.23 01:02:31 | 000,000,512 | ---- | M] () MD5=1B185CA5E70C39692F6D2DD8FFC5747A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2007.07.27 15:45:26 | 000,357,978 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Absynth 4\Samples\23 - Preset Samples\Absynth 4\Crackles_BIO.wav
[2005.03.18 15:36:18 | 000,000,792 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Kontakt 3\presets\effects\convolution\02 Drum Reverbs\0_4s_FirecrackerSnare_Orven.nkp
[2005.02.25 15:57:56 | 000,074,864 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Kontakt 3\presets\effects\convolution\02 Drum Reverbs\IR Samples\Firecracker Snare.wav
[2007.07.27 13:23:36 | 000,016,205 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Shared Content\Sounds\Absynth 3\Crackling Water Bottles.ksd
[2008.05.29 21:18:54 | 000,015,180 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Shared Content\Sounds\Absynth 4\Absynth 3 Factory\Crackling Water Bottles.ksd
[2007.07.27 13:34:24 | 000,051,253 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Shared Content\Sounds\FM7\Beam Cracker Bass.ksd
[2007.07.27 13:34:26 | 000,040,362 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Shared Content\Sounds\FM7\CracklePhone.ksd
[2007.05.03 11:59:12 | 000,001,575 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Shared Content\Sounds\FM8\FM7 Factory\Beam Cracker Bass.ksd
[2007.05.03 11:59:48 | 000,001,285 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Shared Content\Sounds\FM8\FM7 Factory\CracklePhone.ksd
[2008.05.28 01:19:56 | 000,002,432 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Shared Content\Sounds\Massive\Crackle Carl.ksd
[2008.05.28 01:19:56 | 000,002,061 | ---- | M] () -- \Program Files (x86)\Common Files\Native Instruments\Shared Content\Sounds\Massive\Digitoy Crackle.ksd
[2011.09.21 17:00:00 | 000,001,348 | ---- | M] () -- \Program Files\Common Files\Native Instruments\Kontakt 5\presets\Effects\Convolution\05 Drum Reverbs\0.4s Firecracker Snare Orven.nkp
[2011.09.21 17:00:00 | 000,074,864 | ---- | M] () -- \Program Files\Common Files\Native Instruments\Kontakt 5\presets\Effects\Convolution\05 Drum Reverbs\IR Samples\Firecracker Snare.wav
[2012.03.11 08:58:04 | 000,357,986 | ---- | M] () -- \Users\Jakub\AppData\Local\GameHouse\Bejeweled3\cached\sounds\firework_crackle.wav
[2012.03.22 19:40:52 | 000,011,568 | ---- | M] () -- \Users\Jakub\AppData\Roaming\uTorrent\Dirt.3.Complete.Edition.CrackFix.READNFO-FiGHTCLUB.torrent
[2012.04.15 19:29:23 | 000,000,750 | ---- | M] () -- \Users\Jakub\AppData\Roaming\uTorrent\FIFA 12 - RELOADED CRACK only.torrent
[2012.04.15 19:30:27 | 000,009,917 | ---- | M] () -- \Users\Jakub\AppData\Roaming\uTorrent\FIFA.12.Crack.Only-RELOADED.torrent
[2012.05.03 13:06:18 | 000,003,935 | ---- | M] () -- \Users\Jakub\AppData\Roaming\uTorrent\Minecraft 1.2.5 Cracked [Online]- [Updatable]- [Server List].rar.torrent
[2012.04.13 18:55:50 | 000,011,375 | ---- | M] () -- \Users\Jakub\AppData\Roaming\uTorrent\Need.For.Speed.Most.Wanted.[ENG]PC.DVD[.ISO].[.NFO].Keygen & Crack.torrent
[2012.04.08 15:31:12 | 000,117,391 | ---- | M] () -- \Users\Jakub\AppData\Roaming\uTorrent\TrackMania 2 Canyon Full CRACKED-P2P.torrent

< *keygen* /s >
[2012.04.13 18:55:50 | 000,011,375 | ---- | M] () -- \Users\Jakub\AppData\Roaming\uTorrent\Need.For.Speed.Most.Wanted.[ENG]PC.DVD[.ISO].[.NFO].Keygen & Crack.torrent

< *loader* /s >
[2011.07.18 23:33:32 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2009.10.17 16:16:20 | 000,081,405 | ---- | M] () -- \Program Files (x86)\RocketDock\Icons\černobílé\Black & White Elegant Icons\Orbit-Downloader.png
[2010.02.09 16:00:18 | 000,121,834 | ---- | M] () -- \Program Files (x86)\RocketDock\Icons\černobílé\Black&WhiteElegant Bonus 2\JDownloader.png
[2009.12.10 20:20:08 | 000,068,830 | ---- | M] () -- \Program Files (x86)\RocketDock\Icons\černobílé\Black&WhiteElegant Bonus Pack\Rapidshare-Downloader.png
[2009.11.02 14:30:06 | 000,121,574 | ---- | M] () -- \Program Files (x86)\RocketDock\Icons\černobílé\Black&WhiteElegant Bonus Pack\Vdownloader.png
[2009.11.10 18:51:04 | 000,078,958 | ---- | M] () -- \Program Files (x86)\RocketDock\Icons\černobílé\Black&WhiteElegant Bonus Pack\YouTube-Downloader.png
[2012.05.10 22:41:34 | 000,000,948 | ---- | M] () -- \Program Files\Java\jdk1.7.0_04\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2012.05.10 22:41:35 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0_04\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2012.05.10 22:41:46 | 001,128,953 | ---- | M] () -- \Program Files\Java\jdk1.7.0_04\lib\visualvm\platform\modules\org-openide-loaders.jar
[2012.05.10 22:41:44 | 000,006,195 | ---- | M] () -- \Program Files\Java\jdk1.7.0_04\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2012.05.10 22:41:44 | 000,005,830 | ---- | M] () -- \Program Files\Java\jdk1.7.0_04\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2012.05.10 22:41:49 | 000,000,456 | ---- | M] () -- \Program Files\Java\jdk1.7.0_04\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2011.08.31 17:40:17 | 000,738,632 | ---- | M] () -- \Program Files\Native Instruments\Service Center\Reloader.exe
[2012.04.04 18:40:16 | 000,013,191 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\Preloader.ErrorNotification.html
[2012.04.04 18:40:16 | 000,020,412 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\Preloader.html
[2012.04.04 18:40:16 | 000,006,577 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\Preloader.PreloaderNotification.html
[2012.04.04 18:40:16 | 000,010,547 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\Preloader.ProgressNotification.html
[2012.04.04 18:40:16 | 000,015,062 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\Preloader.StateChangeNotification.html
[2012.04.04 18:40:16 | 000,014,394 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\Preloader.StateChangeNotification.Type.html
[2012.04.04 18:40:16 | 000,006,822 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\class-use\Preloader.ErrorNotification.html
[2012.04.04 18:40:16 | 000,004,429 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\class-use\Preloader.html
[2012.04.04 18:40:16 | 000,009,241 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\class-use\Preloader.PreloaderNotification.html
[2012.04.04 18:40:16 | 000,006,873 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\class-use\Preloader.ProgressNotification.html
[2012.04.04 18:40:16 | 000,006,957 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\class-use\Preloader.StateChangeNotification.html
[2012.04.04 18:40:16 | 000,011,145 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\application\class-use\Preloader.StateChangeNotification.Type.html
[2012.04.04 18:40:22 | 000,010,357 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.Attribute.html
[2012.04.04 18:40:22 | 000,013,135 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.ControllerMethodEventHandler.html
[2012.04.04 18:40:22 | 000,014,713 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.CopyElement.html
[2012.04.04 18:40:22 | 000,013,264 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.DefineElement.html
[2012.04.04 18:40:22 | 000,022,847 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.Element.html
[2012.04.04 18:40:22 | 000,014,095 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.ExpressionTargetMapping.html
[2012.04.04 18:40:22 | 000,060,895 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.html
[2012.04.04 18:40:22 | 000,015,458 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.IncludeElement.html
[2012.04.04 18:40:22 | 000,017,089 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.InstanceDeclarationElement.html
[2012.04.04 18:40:22 | 000,014,851 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.ObservableListChangeAdapter.html
[2012.04.04 18:40:22 | 000,015,260 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.ObservableMapChangeAdapter.html
[2012.04.04 18:40:22 | 000,013,871 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.PropertyChangeAdapter.html
[2012.04.04 18:40:22 | 000,019,480 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.PropertyElement.html
[2012.04.04 18:40:22 | 000,014,762 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.ReferenceElement.html
[2012.04.04 18:40:22 | 000,016,285 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.ScriptElement.html
[2012.04.04 18:40:22 | 000,012,580 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.ScriptEventHandler.html
[2012.04.04 18:40:22 | 000,015,657 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.UnknownStaticPropertyElement.html
[2012.04.04 18:40:22 | 000,016,810 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.UnknownTypeElement.html
[2012.04.04 18:40:22 | 000,013,360 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.UnknownTypeElement.UnknownValueMap.html
[2012.04.04 18:40:22 | 000,015,826 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\FXMLLoader.ValueElement.html
[2012.04.04 18:40:24 | 000,009,028 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.Attribute.html
[2012.04.04 18:40:24 | 000,004,682 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ControllerMethodEventHandler.html
[2012.04.04 18:40:24 | 000,004,495 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.CopyElement.html
[2012.04.04 18:40:24 | 000,004,517 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.DefineElement.html
[2012.04.04 18:40:24 | 000,007,827 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.Element.html
[2012.04.04 18:40:24 | 000,004,627 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ExpressionTargetMapping.html
[2012.04.04 18:40:24 | 000,008,968 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.html
[2012.04.04 18:40:24 | 000,004,528 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.IncludeElement.html
[2012.04.04 18:40:24 | 000,004,660 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.InstanceDeclarationElement.html
[2012.04.04 18:40:24 | 000,004,671 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ObservableListChangeAdapter.html
[2012.04.04 18:40:24 | 000,004,660 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ObservableMapChangeAdapter.html
[2012.04.04 18:40:24 | 000,004,605 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.PropertyChangeAdapter.html
[2012.04.04 18:40:24 | 000,006,567 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.PropertyElement.html
[2012.04.04 18:40:24 | 000,004,550 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ReferenceElement.html
[2012.04.04 18:40:24 | 000,004,517 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ScriptElement.html
[2012.04.04 18:40:24 | 000,004,572 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ScriptEventHandler.html
[2012.04.04 18:40:24 | 000,004,682 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.UnknownStaticPropertyElement.html
[2012.04.04 18:40:24 | 000,004,572 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.UnknownTypeElement.html
[2012.04.04 18:40:24 | 000,004,748 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.UnknownTypeElement.UnknownValueMap.html
[2012.04.04 18:40:24 | 000,004,506 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ValueElement.html
[2012.04.04 18:40:28 | 000,006,602 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\scene\control\UAStylesheetLoader.Holder.html
[2012.04.04 18:40:28 | 000,006,802 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\scene\control\UAStylesheetLoader.html
[2012.04.04 18:40:32 | 000,004,672 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\scene\control\class-use\UAStylesheetLoader.Holder.html
[2012.04.04 18:40:32 | 000,006,822 | ---- | M] () -- \Program Files\Oracle\JavaFX 2.1 SDK\docs\api\javafx\scene\control\class-use\UAStylesheetLoader.html
[2012.02.17 21:55:10 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.03.26 10:12:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.03.26 10:12:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.03.26 10:12:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.03.26 10:12:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.05.22 11:01:12 | 000,008,339 | ---- | M] () -- \Users\Jakub\AppData\Roaming\.minecraft\ModLoader.txt
[2012.05.22 10:12:41 | 000,000,498 | ---- | M] () -- \Users\Jakub\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2012.04.24 19:26:50 | 000,000,047 | ---- | M] () -- \Users\Jakub\AppData\Roaming\.minecraft\config\mod_ModLoaderMp.cfg
[2012.05.13 09:09:49 | 000,032,922 | ---- | M] () -- \Users\Jakub\AppData\Roaming\.techniclauncher\technicssp\ModLoader.txt
[2012.05.13 08:50:35 | 000,001,380 | ---- | M] () -- \Users\Jakub\AppData\Roaming\.techniclauncher\technicssp\config\ModLoader.cfg
[2012.05.13 08:50:32 | 000,000,047 | ---- | M] () -- \Users\Jakub\AppData\Roaming\.techniclauncher\technicssp\config\mod_MAtmos_forModLoader.cfg
[2012.05.13 08:50:23 | 000,000,047 | ---- | M] () -- \Users\Jakub\AppData\Roaming\.techniclauncher\technicssp\config\mod_ModLoaderMp.cfg
[2012.05.08 11:12:21 | 000,001,980 | ---- | M] () -- \Users\Jakub\AppData\Roaming\.techniclauncher\technicssp\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2012.04.26 16:00:02 | 000,009,051 | ---- | M] () -- \Users\Jakub\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.04.26 16:00:02 | 000,016,119 | ---- | M] () -- \Users\Jakub\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.04.26 16:00:02 | 000,018,434 | ---- | M] () -- \Users\Jakub\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.04.26 16:00:02 | 000,009,283 | ---- | M] () -- \Users\Jakub\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.04.26 16:00:02 | 000,001,699 | ---- | M] () -- \Users\Jakub\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012.05.20 18:33:40 | 000,000,593 | ---- | M] () -- \Users\Jakub\AppData\Roaming\Microsoft\Windows\Recent\ModLoader (1).lnk
[2012.05.20 18:39:18 | 000,000,593 | ---- | M] () -- \Users\Jakub\AppData\Roaming\Microsoft\Windows\Recent\ModLoader (2).lnk
[2012.05.21 15:23:05 | 000,001,218 | ---- | M] () -- \Users\Jakub\AppData\Roaming\Microsoft\Windows\Recent\ModLoader.lnk
[2012.05.21 15:22:37 | 000,001,248 | ---- | M] () -- \Users\Jakub\AppData\Roaming\Microsoft\Windows\Recent\mod_ModLoaderMp.lnk
[2012.05.12 11:32:24 | 000,103,347 | ---- | M] () -- \Users\Jakub\Downloads\ModLoader (1).zip
[2012.05.20 18:39:16 | 000,103,347 | ---- | M] () -- \Users\Jakub\Downloads\ModLoader (2).zip
[2012.05.12 11:24:00 | 000,103,347 | ---- | M] () -- \Users\Jakub\Downloads\ModLoader.zip
[2012.05.13 21:29:20 | 000,026,472 | ---- | M] () -- \Users\Jakub\Downloads\ModLoaderMP 1.2.5 v1.zip
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2010.11.20 13:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 15:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.20 09:34:54 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2012.04.26 14:26:34 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.05.03 12:45:42 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.20 09:34:54 | 000,070,936 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[2012.04.26 14:26:34 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.05.03 12:45:42 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.03.11 18:27:48 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2012.03.11 18:27:48 | 000,640,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.efi_75834aa0
[2012.03.11 18:27:48 | 000,603,976 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.exe_75835076
[2012.03.11 18:27:48 | 000,556,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.efi_85cd069f
[2012.03.11 18:27:48 | 000,518,160 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:BC359956

< End of report >

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=108602&babsrc=SP_ss&mntrId=fa9a4bee00000000000078e4004edba0
O4 - HKU\S-1-5-21-3997867176-2451664295-1965468521-1000..\Run: [Akamai NetSession Interface] "C:\Users\Jakub\AppData\Local\Akamai\netsession_win.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
[2012.05.14 21:26:45 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx14_ic.ini
[2012.04.21 08:39:28 | 000,905,154 | ---- | C] ( ) -- C:\Windows\SysWow64\lnsecsl.exe
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2012.05.23 00:25:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:BC359956

:files
C:\Users\Jakub\AppData\Local\Akamai
C:\Windows\Temp\mrt*.tmp
adbcnsl.exe /alldrivers
txagent.exe /s
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zapl se jako střela

, stdrt jsem už v procesech nenašel. (tak zase jsem ho našel, potvora jedna

)

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry value HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\Windows\SysWOW64\tx14_ic.ini moved successfully.
File move failed. C:\Windows\SysWOW64\lnsecsl.exe scheduled to be moved on reboot.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP325A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9CDC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA795.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI9B52.tmp deleted successfully.
C:\Windows\Temp\CR_4D5B0.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\Windows\Temp\CR_4D5B0.tmp folder deleted successfully.
C:\Windows\Temp\mrt9462.tmp\aviflt.ift deleted successfully.
C:\Windows\Temp\mrt9462.tmp\bmpflt.ift deleted successfully.
C:\Windows\Temp\mrt9462.tmp\Download.mfx deleted successfully.
C:\Windows\Temp\mrt9462.tmp\fliflt.ift deleted successfully.
C:\Windows\Temp\mrt9462.tmp\Get.mfx deleted successfully.
C:\Windows\Temp\mrt9462.tmp\gifflt.ift deleted successfully.
C:\Windows\Temp\mrt9462.tmp\jpgflt.ift deleted successfully.
C:\Windows\Temp\mrt9462.tmp\KcBoxA.mfx deleted successfully.
C:\Windows\Temp\mrt9462.tmp\kcedit.mfx deleted successfully.
C:\Windows\Temp\mrt9462.tmp\kcfile.mfx deleted successfully.
C:\Windows\Temp\mrt9462.tmp\kclist.mfx deleted successfully.
C:\Windows\Temp\mrt9462.tmp\KcWebX.mfx deleted successfully.
C:\Windows\Temp\mrt9462.tmp\mmfs2.dll deleted successfully.
C:\Windows\Temp\mrt9462.tmp\pcxflt.ift deleted successfully.
C:\Windows\Temp\mrt9462.tmp\pngflt.ift deleted successfully.
C:\Windows\Temp\mrt9462.tmp\Registry2.mfx deleted successfully.
C:\Windows\Temp\mrt9462.tmp\stdrt.exe deleted successfully.
C:\Windows\Temp\mrt9462.tmp\tgaflt.ift deleted successfully.
C:\Windows\Temp\mrt9462.tmp\volume.mfx deleted successfully.
C:\Windows\Temp\mrt9462.tmp\Yaso.mfx deleted successfully.
C:\Windows\Temp\mrt9462.tmp folder deleted successfully.
File delete failed. C:\Windows\Temp\mrtA939.tmp\aviflt.ift scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\bmpflt.ift scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\Download.mfx scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\fliflt.ift scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\Get.mfx scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\gifflt.ift scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\jpgflt.ift scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\KcBoxA.mfx scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\kcedit.mfx scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\kcfile.mfx scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\kclist.mfx scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\KcWebX.mfx scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\mmfs2.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\pcxflt.ift scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\pngflt.ift scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\Registry2.mfx scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\stdrt.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\tgaflt.ift scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\volume.mfx scheduled to be deleted on reboot.
File delete failed. C:\Windows\Temp\mrtA939.tmp\Yaso.mfx scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\Temp\mrtA939.tmp scheduled to be deleted on reboot.
C:\Windows\Temp\mrtB106.tmp\aviflt.ift deleted successfully.
C:\Windows\Temp\mrtB106.tmp\bmpflt.ift deleted successfully.
C:\Windows\Temp\mrtB106.tmp\Download.mfx deleted successfully.
C:\Windows\Temp\mrtB106.tmp\fliflt.ift deleted successfully.
C:\Windows\Temp\mrtB106.tmp\Get.mfx deleted successfully.
C:\Windows\Temp\mrtB106.tmp\gifflt.ift deleted successfully.
C:\Windows\Temp\mrtB106.tmp\jpgflt.ift deleted successfully.
C:\Windows\Temp\mrtB106.tmp\KcBoxA.mfx deleted successfully.
C:\Windows\Temp\mrtB106.tmp\kcedit.mfx deleted successfully.
C:\Windows\Temp\mrtB106.tmp\kcfile.mfx deleted successfully.
C:\Windows\Temp\mrtB106.tmp\kclist.mfx deleted successfully.
C:\Windows\Temp\mrtB106.tmp\KcWebX.mfx deleted successfully.
C:\Windows\Temp\mrtB106.tmp\mmfs2.dll deleted successfully.
C:\Windows\Temp\mrtB106.tmp\pcxflt.ift deleted successfully.
C:\Windows\Temp\mrtB106.tmp\pngflt.ift deleted successfully.
C:\Windows\Temp\mrtB106.tmp\Registry2.mfx deleted successfully.
C:\Windows\Temp\mrtB106.tmp\stdrt.exe deleted successfully.
C:\Windows\Temp\mrtB106.tmp\tgaflt.ift deleted successfully.
C:\Windows\Temp\mrtB106.tmp\volume.mfx deleted successfully.
C:\Windows\Temp\mrtB106.tmp\Yaso.mfx deleted successfully.
C:\Windows\Temp\mrtB106.tmp folder deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\aviflt.ift deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\bmpflt.ift deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\Download.mfx deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\fliflt.ift deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\Get.mfx deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\gifflt.ift deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\jpgflt.ift deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\KcBoxA.mfx deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\kcedit.mfx deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\kcfile.mfx deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\kclist.mfx deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\KcWebX.mfx deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\mmfs2.dll deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\pcxflt.ift deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\pngflt.ift deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\Registry2.mfx deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\stdrt.exe deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\tgaflt.ift deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\volume.mfx deleted successfully.
C:\Windows\Temp\mrtEE92.tmp\Yaso.mfx deleted successfully.
C:\Windows\Temp\mrtEE92.tmp folder deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
ADS C:\ProgramData\TEMP:BC359956 deleted successfully.
========== FILES ==========
File\Folder C:\Users\Jakub\AppData\Local\Akamai not found.
C:\Windows\Temp\mrtA939.tmp folder moved successfully.
Invalid Switch: alldrivers
File\Folder txagent.exe not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jakub
->Temp folder emptied: 577715 bytes
->Temporary Internet Files folder emptied: 1135654 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 16784282 bytes
->Flash cache emptied: 5324 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19400 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 18,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Jakub
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.43.1 log created on 05242012_105031

Files\Folders moved on Reboot...
File move failed. C:\Windows\SysWOW64\lnsecsl.exe scheduled to be moved on reboot.
File\Folder C:\Windows\Temp\mrtA939.tmp\aviflt.ift not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\bmpflt.ift not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\Download.mfx not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\fliflt.ift not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\Get.mfx not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\gifflt.ift not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\jpgflt.ift not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\KcBoxA.mfx not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\kcedit.mfx not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\kcfile.mfx not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\kclist.mfx not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\KcWebX.mfx not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\mmfs2.dll not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\pcxflt.ift not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\pngflt.ift not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\Registry2.mfx not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\stdrt.exe not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\tgaflt.ift not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\volume.mfx not found!
File\Folder C:\Windows\Temp\mrtA939.tmp\Yaso.mfx not found!
File\Folder C:\Windows\Temp\mrtA939.tmp not found!
C:\Users\Jakub\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

VIRY.CZ

stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe

Re: stdrt.exe